inetd + vsftpd annoying error logs

Hi guys, I have used vsftpd with inetd for almost 10 years, and today, with the massive amount of botnets and network scanning tools, exposed services are subject to dozens or even hundreds of connection attempts daily. My /var/log/message is currently 99% filled with this annoying error:

Code:
inetd[2902]: /usr/local/libexec/vsftpd[64905]: exited, status 2

When running truss to trace application calls, it returns status 0 as intended. It's impossible to debug since it doesn't generate any coredump. It's easy to reproduce just by connecting to the FTP port and then quitting.

Has anyone managed to fix or at least hide this damn error from the log?

P.S.: I have had this "problem" since FreeBSD 9 or 10, and the options in the config file don't matter.

/etc/inetd.conf
Code:
ftp stream tcp nowait root /usr/local/libexec/vsftpd vsftpd

/usr/local/etc/vsftpd.conf
Code:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
ftpd_banner=You are not welcome here
chroot_local_user=YES
listen=NO
secure_chroot_dir=/usr/local/share/vsftpd/empty
force_dot_files=YES
allow_writeable_chroot=YES
guest_enable=YES
virtual_use_local_privs=YES
pam_service_name=vsftpd-virtual
user_sub_token=$USER
local_root=/storage/ftp/$USER
hide_ids=YES
delete_failed_uploads=YES
 

If you're running your FTP privately or with a small number of users, my solution years ago was to register all those users with a free/cheap DDNS service, create a pass rule on the firewall for that group, and drop the rest of the traffic before it could even reach the FTP service.
I know it's not what you asked for, and it doesn't scale well, but perhaps it addresses your problem from a different angle.
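
The allowlist approach described in the reply above, as an added example that is not part of the original thread. It assumes pf is the firewall; the table name, the DDNS hostnames and the `$ext_if` macro are hypothetical.

```sh
#!/bin/sh
# Added example (not from the thread). Assumes pf with these lines in pf.conf,
# where $ext_if is your external interface macro:
#   table <ftp_clients> persist
#   block in quick on $ext_if proto tcp from ! <ftp_clients> to any port ftp
# Run from cron as "sh refresh_ftp_clients.sh refresh" to follow DDNS changes.

TABLE="ftp_clients"                                  # hypothetical table name
HOSTS="backup1.ddns.example backup2.ddns.example"    # constructed DDNS names

# resolve HOST: print the addresses HOST currently resolves to, one per line.
resolve() {
    getent hosts "$1" | awk '{ print $1 }'
}

# build_table HOST...: sorted, de-duplicated addresses for all hosts.
# Anything that does not look like an IPv4/IPv6 literal is dropped.
build_table() {
    for h in "$@"; do
        resolve "$h"
    done | grep -E '^[0-9A-Fa-f:.]+$' | sort -u
}

# refresh: replace the contents of the pf table with the current addresses.
refresh() {
    tmp=$(mktemp) || return 1
    # $HOSTS is intentionally unquoted so it splits into one word per host.
    build_table $HOSTS > "$tmp"
    if [ -s "$tmp" ]; then
        pfctl -q -t "$TABLE" -T replace -f "$tmp"
    else
        # A DNS outage must not empty the table and lock every client out.
        echo "no addresses resolved; keeping current table" >&2
    fi
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

if [ "${1:-}" = "refresh" ]; then
    refresh
fi
```

Connections dropped by the block rule never reach inetd, so they do not spawn vsftpd or produce the "exited, status 2" line; connections from allowed clients still do.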
 
Thank you for the reply, rmartin. This happens even with my private FTP configuration, used by my automated backup. I have several remote servers that upload daily backups through my VPN, which causes spam in my system log just like the public FTP. This is really really annoying!
 