Directory listings slow with ftp server and CentOS

    Category: Linux / Unix
    Written by: Admin
    Date: 2008-11-16

    I recently installed the vsftpd FTP Server onto a CentOS box and have a fairly tight firewall setup script using iptables. When I logged in to test it and issued an "ls -l" command it took a really long time for the directory listing to come back. At first I thought it wasn't going to show the directory listing at all but it finally did. This post looks at the solution to the problem. The notes in this post will also apply to vsftpd on Red Hat Enterprise Linux, which CentOS is based on.

    First, we'll look at the basics of setting up vsftpd, the firewall rule I added, and then the solution to the problem.

    Installing VSFtpd

    Installing VSFtpd from the command line is as simple as this:

    yum install vsftpd

    To start it now:

    /etc/init.d/vsftpd start

    and to have vsftpd run automatically when the system starts:

    chkconfig vsftpd on

    Firewall rule

    I added the following rule to my custom firewall script. We only allow FTP access to this particular server from a very few static IP addresses so there's a line for each IP address as in the following example:

    iptables -A INPUT -p tcp --dport 21 -s 192.168.1.10 -j ACCEPT

    I then restarted the firewall and attempted to connect to the server using a command line FTP program. I was able to connect, but it was when trying to get a directory listing using "ls -l" that nothing appeared to be happening.

    The solution

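    The solution turns out to be very simple. The directory listing travels over a separate FTP data connection rather than over the control connection on port 21, and the ip_conntrack_ftp module is the connection-tracking helper that lets the firewall recognise that data connection as belonging to the FTP session. Add the following line to the /etc/sysconfig/iptables-config firewall configuration file: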

    IPTABLES_MODULES="ip_conntrack_ftp"

    and then restart iptables like so:

    /etc/init.d/iptables restart

    When iptables restarts you'll see output similar to the following:

    Flushing firewall rules: [ OK ]
    Setting chains to policy ACCEPT: filter [ OK ]
    Unloading iptables modules: [ OK ]
    Applying iptables firewall rules: [ OK ]
    Loading additional iptables modules: ip_conntrack_ftp [ OK ]

    That last line shows that the ftp module has been loaded into iptables. I then re-ran my custom iptables script and could now log in successfully and get a directory listing etc.

    Additional firewall rules

    One post I read looking at this issue suggested a whole bunch of extra firewall rules, but I didn't seem to need them. Simply adding the above line and restarting iptables seemed to do the trick.
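
A check for what the fix above depends on, as an added example that is not part of the original post: it confirms the helper is listed in IPTABLES_MODULES, that the module is loaded, and that the ruleset accepts RELATED traffic. The function names, the script name audit.sh and the RELATED rule check are assumptions of this example; the post does not show the rest of the author's firewall script.

```shell
#!/bin/sh
# Added example, not from the original post. Each function takes a file path
# so it can be pointed at live system files or at constructed test files.

# Print the module names listed in IPTABLES_MODULES in iptables-config ($1).
configured_modules() {
    sed -n 's/^[[:space:]]*IPTABLES_MODULES=//p' "$1" | tail -n 1 | tr -d "\"'"
}

# Succeed if an FTP conntrack helper is listed in iptables-config ($1).
# nf_conntrack_ftp is the name the same helper has on later kernels.
helper_configured() {
    for m in $(configured_modules "$1"); do
        case "$m" in
            ip_conntrack_ftp|nf_conntrack_ftp) return 0 ;;
        esac
    done
    return 1
}

# Succeed if the helper appears in a /proc/modules-format listing ($1).
helper_loaded() {
    grep -Eq '^(ip|nf)_conntrack_ftp[[:space:]]' "$1"
}

# Succeed if an iptables-save dump ($1) has an ACCEPT rule for RELATED state.
# Assumption: the ruleset admits helper-tracked data connections this way.
# Matches any chain; it does not prove the chain is reachable from INPUT.
related_accepted() {
    grep -Eq '^-A .*RELATED.* -j ACCEPT' "$1"
}

# Run all three checks; print one line per gap, return non-zero on any gap.
audit_ftp_helper() {
    rc=0
    helper_configured "$1" || { echo "MISSING: helper not in IPTABLES_MODULES"; rc=1; }
    helper_loaded "$2" || { echo "MISSING: helper module not loaded"; rc=1; }
    related_accepted "$3" || { echo "MISSING: no ACCEPT rule for RELATED"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: helper configured, loaded, RELATED accepted"
    return "$rc"
}

# Live use (as root): iptables-save > /tmp/rules.txt, then
#   sh audit.sh --run /tmp/rules.txt
if [ "${1:-}" = "--run" ]; then
    audit_ftp_helper /etc/sysconfig/iptables-config /proc/modules "$2"
fi
```

A port 21 ACCEPT rule alone passes only the control connection, so the third check flags a ruleset that loads the helper but never accepts the connections it tracks.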