PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : proftpd limitiert die Bandbreite nicht



nobody0
13.05.05, 01:49
Der protfpd limietiert die Bandbreite nicht, so daß im LAN über 1 MByte/s belegt werden und das DSL quasi vom proftpd blockiert wird :mad:
Ich habe nun alles versucht, auch den nice-Level vom proftpd auf 19 zu setzen und so ziemlich alles zur Bandbreitenlimitierung in die Config einzubauen:



# This is a basic ProFTPD configuration file. It establishes a single
# server and a single anonymous login. It assumes that you have a
# user/group "nobody"/"nogroup" for normal operation and anon.

ServerName RedOne
#ServerType inetd
ServerType standalone
ServerAdmin nobodyo<nospam>@</nospam>web.de
ServerIdent on "--= Red One FTP =--"
DeferWelcome on
DefaultServer on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs
# and files from being group and world writable.
Umask 022

# The ratio directives take four numbers: file ratio, initial file
# credit, byte ratio, and initial byte credit. Setting either ratio
# to 0 disables that check.
#
# The directives are HostRatio (matches FQDN -- wildcards are allowed
# in this one), AnonRatio (matches password entered in an anon login,
# usually an email address), UserRatio (accepts "*" for 'any user'),
# and GroupRatio. Matches are looked for in that order.
#
# Some examples:
#
# Ratios on # enable module
# UserRatio ftp 0 0 0 0
# HostRatio anyhost.domain.top 0 0 0 0 # leech access (default)
# GroupRatio proftpd 100 10 5 100000 # 100:1 files, 10 file cred
# AnonRatio auser@domain.top 1 0 1 0 # 1:1 ratio, no credits
# UserRatio * 5 5 5 50000 # special default case
#
# Setting "Ratios on" without configuring anything else will enable
# leech mode: it logs activity and sends status messages to the ftp
# client, but doesn't restrict traffic.

# ScoreboardPath /var/run/proftpd

# Max Connections
# Note that this ONLY works in standalone mode
MaxInstances 6

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files not to be overwriteable.
<Directory />
AllowOverwrite off
</Directory>

LogFormat anonymous "%t[ %u ][ %a ][ %h ][ %r ][ %f ][ %b ]"
#ExtendedLog /var/log/proftpd auth,read,write anonymous
ExtendedLog /var/log/proftpd all anonymous

# MaxConnectionRate -- Maximum TCP socket connection rate
MaxConnectionRate 1

#Synopsis
# ansferRate [ cmds] [ kilobytes-per-sec[:free-bytes]] [ ["user"|"group"|"class" expression]]
#ransferRate APPE,RETR,STOR,STOU 2:1
TransferRate APPE,RETR,STOR,STOU 1:0 user Anonymous
# you may not like the bandwidth control below
# TransferRate RETR|STOR|APPE|STOU KBrate:freebytes
# TransferRate RETR 2:0

# Change the overall daemon rate to 10 KB/s
ShaperAll rate 10

# Give 2 shares to each session by default, and have an overall rate of 2
ShaperAll rate 2 shares 2

# Have a larger number of downshares than upshares
ShaperAll rate 2 downshares 2 upshares 2

# Configure separate download and upload rates
ShaperAll downrate 16 uprate 16

RateReadBPS 2984 # 3Kbit/s max
RateReadFreeBytes 1492 # less than one DSL packet at full speed
RateReadHardBPS on # after 1 DSL packet _forced_ down to 1K/s
RateWriteBPS 2984
RateWriteFreeBytes 1492
RateWriteHardBPS on


<Limit LOGIN>
DenyGroup guests
</Limit>
<Anonymous /srv/ftp>

# MaxConnectionRate -- Maximum TCP socket connection rate
MaxConnectionRate 1

#Synopsis
# ansferRate [ cmds] [ kilobytes-per-sec[:free-bytes]] [ ["user"|"group"|"class" expression]]
#transferRate APPE,RETR,STOR,STOU 2:1
TransferRate APPE,RETR,STOR,STOU 1:0 user Anonymous
# you may not like the bandwidth control below
# TransferRate RETR|STOR|APPE|STOU KBrate:freebytes
# TransferRate RETR 2:0

# Change the overall daemon rate to 10 KB/s
ShaperAll rate 10

# Give 2 shares to each session by default, and have an overall rate of 2
ShaperAll rate 2 shares 2

# Have a larger number of downshares than upshares
ShaperAll rate 2 downshares 2 upshares 2

# Configure separate download and upload rates
ShaperAll downrate 16 uprate 16

<Limit LOGIN>
Order Allow,Deny
Allow from all
Deny from all
</Limit>

MaxClients 3 "no. maximal user count reached (3)."
MaxClientsPerHost 2 "no. maximal host-based login count reached (2)"

RateReadBPS 2984
RateReadFreeBytes 1492
RateReadHardBPS on
RateWriteBPS 2984
RateWriteFreeBytes 1492
RateWriteHardBPS on

AnonRequirePassword off
# AuthAliasOnly on
# AuthUsingAlias on
UserAlias anonymous ftp

# After anonymous login, daemon runs as (ftp, daemon):
User ftp
Group ftp

RequireValidShell off

AccessGrantMsg "Access granted to user: %u "

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin .login
DisplayFirstChdir .message
DisplayQuit .quit
ShowSymlinks on

# Deny write operations to all directories, underneath root-dir
# Default is to allow, so we don't need a <Limit> for read operations.
<Directory *>
AllowRetrieveRestart on
<Limit WRITE>
DenyAll
</Limit>
</Directory>

#<Directory /upload>
#AllowOverwrite on
#<Limit STOR>
#AllowAll
#</Limit>
#</Directory>

#<Directory upload>
#<Limit WRITE STOR CWD XCWD>
#AllowAll
#</Limit>
#<Limit READ DELE MKD RMD XMKD XRMD>
#DenyAll
#</Limit>
#</Directory>

#<Directory upload>
#AllowStoreRestart on
#AllowOverWrite on
#<Limit READ>
#DenyAll
#</Limit>
#<Limit STOR SIZE MKD>
#AllowAll
#</Limit>
#</Directory>


# <Directory upload>
# <Limit STOR CWD XCWD>
# AllowAll
# </Limit>
# <Limit READ DELE MKD RMD XMKD XRMD>
# DenyAll
# </Limit>
# </Directory>


# Only uploads into incoming directory are allowed...
<Directory upload>
# <Limit ALL>
# DenyAll
# </Limit>
# allow resume in uploading
AllowStoreRestart on
AllowOverwrite off
Umask 002
# # ... so deny read/write
<Limit READ WRITE>
DenyAll
</Limit>
# ... allow file storing, but not other writes
<Limit STOR MKD>
AllowAll
</Limit>
# <Limit REST STOR MKD APPE CDUP CWD XCWD XCUP STOU>
# AllowAll
# </Limit>
</Directory>


</Anonymous>


Aber trotzdem belegt der proftpd über 20 kByte/s, so daß beispielsweise Quake3 damit unmöglich wird, weil ich allein zum Access Point einen Ping von über 200 (normalerweise um 10) habe! :(

Wie bekomme ich den proftpd denn bandbreitenlimitiert? :confused:

nobody0
13.05.05, 09:16
Also irgendein Witzbold der proftpd-Coder hat im Quellcode versteckt, daß statt der /etc/proftpd.conf nun die /usr/local/etc/proftpd.conf verwendet wird und in der gibt es keine Limitierungen!!! :eek:

Nach
> rm -rf /usr/local/etc/proftpd.conf
> ln -s /etc/proftpd.conf /usr/local/etc/proftpd.conf

funktioniert es nun mit dieser proftpd.conf:



# This is a basic ProFTPD configuration file. It establishes a single
# server and a single anonymous login. It assumes that you have a
# user/group "nobody"/"nogroup" for normal operation and anon.

ServerName RedOne
#ServerType inetd
ServerType standalone
ServerAdmin nobodyo<nospam>@</nospam>web.de
ServerIdent on "--= Red One FTP =--"
DeferWelcome on
DefaultServer on

# Port 21 is the standard FTP port.
Port 21

# Umask 022 is a good standard umask to prevent new dirs
# and files from being group and world writable.
Umask 022

# The ratio directives take four numbers: file ratio, initial file
# credit, byte ratio, and initial byte credit. Setting either ratio
# to 0 disables that check.
#
# The directives are HostRatio (matches FQDN -- wildcards are allowed
# in this one), AnonRatio (matches password entered in an anon login,
# usually an email address), UserRatio (accepts "*" for 'any user'),
# and GroupRatio. Matches are looked for in that order.
#
# Some examples:
#
# Ratios on # enable module
# UserRatio ftp 0 0 0 0
# HostRatio anyhost.domain.top 0 0 0 0 # leech access (default)
# GroupRatio proftpd 100 10 5 100000 # 100:1 files, 10 file cred
# AnonRatio auser@domain.top 1 0 1 0 # 1:1 ratio, no credits
# UserRatio * 5 5 5 50000 # special default case
#
# Setting "Ratios on" without configuring anything else will enable
# leech mode: it logs activity and sends status messages to the ftp
# client, but doesn't restrict traffic.

# ScoreboardPath /var/run/proftpd

# Max Connections
# Note that this ONLY works in standalone mode
MaxInstances 6

# Set the user and group that the server normally runs at.
User nobody
Group nogroup

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files not to be overwriteable.
<Directory />
AllowOverwrite off
</Directory>

LogFormat anonymous "%t[ %u ][ %a ][ %h ][ %r ][ %f ][ %b ]"
#ExtendedLog /var/log/proftpd auth,read,write anonymous
ExtendedLog /var/log/proftpd all anonymous

# MaxConnectionRate -- Maximum TCP socket connection rate
MaxConnectionRate 4

#Synopsis
# TransferRate [ cmds] [ kilobytes-per-sec[:free-bytes]] [ ["user"|"group"|"class" expression]]
TransferRate APPE,RETR,STOR,STOU 2:1
#TransferRate APPE,RETR,STOR,STOU 1:0 user Anonymous
# you may not like the bandwidth control below
# TransferRate RETR|STOR|APPE|STOU KBrate:freebytes
# TransferRate RETR 2:0

# Change the overall daemon rate to 10 KB/s
# ShaperAll rate 10
# Give 2 shares to each session by default, and have an overall rate of 2
# ShaperAll rate 2 shares 2
# Have a larger number of downshares than upshares
# ShaperAll rate 2 downshares 2 upshares 2
# Configure separate download and upload rates
# ShaperAll downrate 16 uprate 16

#RateReadBPS 2984 # 3Kbit/s max
#RateReadFreeBytes 1492 # less than one DSL packet at full speed
#RateReadHardBPS on # after 1 DSL packet _forced_ down to 1K/s
#RateWriteBPS 2984
#RateWriteFreeBytes 1492
#RateWriteHardBPS on

<Limit LOGIN>
DenyGroup guests
</Limit>
<Anonymous /srv/ftp>

#Synopsis
# TransferRate [ cmds] [ kilobytes-per-sec[:free-bytes]] [ ["user"|"group"|"class" expression]]
TransferRate APPE,RETR,STOR,STOU 2:1
#TransferRate APPE,RETR,STOR,STOU 1:0 user Anonymous
# you may not like the bandwidth control below
# TransferRate RETR|STOR|APPE|STOU KBrate:freebytes
# TransferRate RETR 2:0

<Limit LOGIN>
Order Allow,Deny
Allow from all
Deny from all
</Limit>

MaxClients 6 "no. maximal user count reached (6)."
MaxClientsPerHost 2 "no. maximal host-based login count reached (2)"

AnonRequirePassword off
# AuthAliasOnly on
# AuthUsingAlias on
UserAlias anonymous ftp

# After anonymous login, daemon runs as (ftp, daemon):
User ftp
Group ftp

RequireValidShell off

AccessGrantMsg "Access granted to user: %u "

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin .login
DisplayFirstChdir .message
DisplayQuit .quit
ShowSymlinks on

# Deny write operations to all directories, underneath root-dir
# Default is to allow, so we don't need a <Limit> for read operations.
<Directory *>
AllowRetrieveRestart on
<Limit WRITE>
DenyAll
</Limit>
</Directory>

#<Directory /upload>
#AllowOverwrite on
#<Limit STOR>
#AllowAll
#</Limit>
#</Directory>

#<Directory upload>
#<Limit WRITE STOR CWD XCWD>
#AllowAll
#</Limit>
#<Limit READ DELE MKD RMD XMKD XRMD>
#DenyAll
#</Limit>
#</Directory>

#<Directory upload>
#AllowStoreRestart on
#AllowOverWrite on
#<Limit READ>
#DenyAll
#</Limit>
#<Limit STOR SIZE MKD>
#AllowAll
#</Limit>
#</Directory>


# <Directory upload>
# <Limit STOR CWD XCWD>
# AllowAll
# </Limit>
# <Limit READ DELE MKD RMD XMKD XRMD>
# DenyAll
# </Limit>
# </Directory>


# Only uploads into incoming directory are allowed...
<Directory upload>
# <Limit ALL>
# DenyAll
# </Limit>
# allow resume in uploading
AllowStoreRestart on
AllowOverwrite off
Umask 002
# # ... so deny read/write
<Limit READ WRITE>
DenyAll
</Limit>
# ... allow file storing, but not other writes
<Limit STOR MKD>
AllowAll
</Limit>
# <Limit REST STOR MKD APPE CDUP CWD XCWD XCUP STOU>
# AllowAll
# </Limit>
</Directory>

</Anonymous>


In Zukunft werde ich nach jeder proftpd-Installation sowohl die Download-Bandbreite als auch die Welcome-Message überprüfen!

nobody0
13.05.05, 09:42
Gemäß Murphys Law gibt's nun ein ganz anderes (kleines) Problem: Die Zeit im Log-File (xferlog) stimmt nicht; es fehlen 2 Stunden, so daß jetzt 7:31 statt 9:31 drinn steht.
Woran liegt das denn? :confused:

An der System-Zeit kann es nicht liegen, denn die ist ungeändert und per DCF77-Empfänger mittels ntp synchronisiert (auf MEZ).