I run a Fedora mirror, mirror.hiwaay.net, and I run vsftpd from
xinetd. I've got the following in /etc/xinetd.d/vsftpd:
# vsftpd is the secure FTP server.
disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
server_args = /etc/vsftpd/vsftpd.conf
per_source = 3
instances = 150
cps = 50 5
banner_fail = /etc/vsftpd.busy_banner
log_on_success += PID HOST DURATION
log_on_failure += HOST
flags = NOLIBWRAP KEEPALIVE
However, either xinetd is losing track of connections, not counting
correctly, or ignoring the "instances" line; right now (after the FC2
release), I've got 482 active connections (so the people downloading
are getting _really_ slow rates).
I think this used to work, but there haven't been any xinetd updates,
so unless a kernel update broke it, I don't know why it would have
In a couple of weeks (i.e. after the initial FC2 rush is off) I'll
upgrade to FC2 and see what that does. If I get a chance, I'll go
ahead and try the FC2 xinetd (rebuilt under FC1).
A little more poking: it really looks like xinetd "leaks" under load.
I checked the log, and I do see "FAIL: ftp service_limit" messages.
I stopped xinetd (and killed the open connections) and restarted it,
and it seems to be holding steady at 150. It also is logging a _lot_
more "FAIL: ftp service_limit" messages now.
Fedora Core 1 is maintained by the Fedora Legacy project for security updates
only. If this problem is a security issue, please reopen and reassign to the
Fedora Legacy product. If it is not a security issue and hasn't been resolved in
the current FC5 updates or in the FC6 test release, reopen and change the
version to match.
NOTE: Fedora Core 1 is reaching the final end of support even by the Legacy
project. After Fedora Core 6 Test 2 is released (currently scheduled for July
26th), there will be no more security updates for FC1. Please use these next two
weeks to upgrade any remaining FC1 systems to a current release.
Note that FC1 and FC2 are no longer supported even by Fedora Legacy. Many
changes have occurred since these older releases. Please install a supported
version of Fedora Core and retest. If this still occurs on FC3 or FC4, please
assign to that version and Fedora Legacy. If it still occurs on FC5 or FC6,
please reopen and assign to the correct version. Thanks!