Vsftpd runs in two modes of operation mode and standalone mode -xinetd
vsftpd provides standalone and inetd (inetd or xinetd) two modes of operation.
- standalone time activation, during operation always reside in memory, the advantage of quick access signal response, the disadvantage is the loss of system resources, it is often applied to the real-time reaction requires high professional FTP server.
- xinetd contrary, because the process is called only when the FTP connection request is sent externally, and therefore not suitable for connecting a larger number of systems at the same time. In addition, inetd mode does not take up system resources. In addition to the two effects of reaction speed and footprint, vsftpd also provides some additional advanced features such as xinetd mode support per_IP (single IP) restrictions, while standalone mode is more conducive to the application of PAM authentication functions.
xinetd mode of operation
Most newer system uses xinetd super service daemon. Use "vi /etc/xinetd.d/vsftpd" look at its contents, as follows:
disable = no
socket_type = stream
wait = noThis indicates that the device is activated, it is using the standard TCP Sockets.
If there is "/etc/vsftpd.conf" option in the "listen = YES", it is written off
Finally, restart xinetd, the following command:
/etc/rc.d/init.d/xinetd restartNote that, "/ etc / xinetd.d" directory can only open an FTP service.
standalone mode
standalone mode PAM facilitate verification. To enter this mode first close under vsftpd xinetd, set
"Disable = yes", or written off "/etc/inetd.conf" in the appropriate line. Then modify "/etc/vsftpd.conf" option in the "listen = YES".
参考官方:The difference between "standalone mode" and "xinetd mode" is who will accept the initial connection request. The "standalone mode" will accept the request by itself, but "xinetd mode" will use xinetd to accept the request, fork a server process, and redirect the connection to the new process.
If standlone mode, then it is launched as a separate service, the system does not need cooperation, not as a system service, If we become xinetd mode, it is necessary to service the restricted system services, such as creating a new service process, but there are also disadvantages, if xinetd service itself is a problem, then the associated services will also be affected.
Difference xinetd mode and standalone mode
Xinetd mode service indicates that the service is running in daemon process is not performed to FTPD process as an example:
Xinetd service running in this mode, this is the case, is in itself FTP service listens on port 21 , but the service is running in this mode, then port 21 by xinetd process to monitor (this time FTPD service is not running ).
If your card has received port 21 request, the process will have to call FTPD xinetd program, the port received 21 requests in the data handed over to the FTPD process to deal with, dealt with FTPD withdraw from the process, and the process continues xinetd listening on port 21. This is somewhat similar to the windows of svhost process;
The service operating in standalone mode is a service process, such as vsftpd as a daemon running in memory after receiving the request port 21 out from the FTPD process fork a child process for processing, and the original process continues to listen on port 21.