I would like to set a very long Timeout for no ftp transfer.

I have 2 users in my configuration. The first with a 900 s. timeout and the second with just 300 s. Why ?


I see in the top of the configuration file /etc/proftpd.conf :

TimeoutNoTransfer 900

Why i get a timeout of 300 s. for the second user ?
How can i set a very long time for ALL users ?

It's either a bug in how ProFTPd handles configuration directives, or a bug in our understanding in how it handles them.

(And if the latter, then DA "fell for it", so to speak.)

Let's look at lines 6-10 (on my system anyway) of the proftpd.conf file:

UseReverseDNS off
TimeoutLogin 120
TimeoutIdle 600
TimeoutNoTransfer 900
TimeoutStalled 3600

These five configuration options are listed outside any scope modifiers (<Global>, for example, is a scope modifier) so their context is "server config".

Now, grepping from the ProFTPd online documentation, let's look at their possible scopes and defaults:

UseReverseDNS off server config
TimeoutLogin 120 server config, <VirtualHost>, <Global> (default 300)
TimeoutIdle 600 server config, <VirtualHost>, <Global> (default 600)
TimeoutNoTransfer 900 server config, <VirtualHost>, <Global> (default 300)
TimeoutStalled 3600 server config, <VirtualHost>, <Global> (default 3600)

Note that of these four configuration directives, only the first has an allowed scope of only server config. This directive acts across all instances of the server, as you'd expect.

The others have an allowed scope of server config, <VirtualHost>, and <Global>.

I'd think, and you'd probably think, that the server config scope would be a superset of <Global> and would work accordingly.

A check of the ProFTPd online documentation (look here (http://www.proftpd.org/docs/directives/linked/by-context.html)) shows that even the ProFTPd document workers don't understand that's true, though; look at the various links from this page and you'll see that for all the scopes, the Description field has been left for a later fix.

But behavior tells us something; it tells us that the <Global> scope is NOT a superset of the server config scope.

The interesting question should probably be "Why does any user at all have a TimeoutNoTransfer of 600; why don't they all have a TimeoutNoTransfer of 300, which is the default?"

But I can't answer that question.

What I can tell you is that if you copy lines 7 through 10 from the server config scope (that's the top, and you should only copy them, not cut them), and paste them inside the <Global> scope, you'll get the behavior you're looking for.

Thanks to user vetrun who, in a post on May 17th, Hole in IPChains FW for passive FTP, in the General Technical Discussion & Troubleshooting area, pointed me in the right direction as to the differences between server config scope and <Global> scope.

In the same post, John has promised us a template for the proftpd.conf file, in the next DA revision.
In the meantime you can just do the copy and paste route, and then restart ProFTPd if you've got it running as a daemon.

Jeff

Thanks

I will try that....