[sllug-members]: vsftpd problems
Kevin Pendleton
kevin at roundsphere.com
Thu Feb 7 20:59:35 MST 2008
Lamont Peterson said:
> Option 2 will work very nicely and keeps the firewall and DNAT configurations
> simple, too. However, most FTP server implementations do not support such a
> feature. Last I checked (admitidly, it was more than a year ago), vsftpd
> doesn't
This is actually very easy with vsftpd. Just decide what "random" ports
you want to use and specify it in vsftpd.conf and with your firewall:
vsftpd.conf:
pasv_min_port=36768
pasv_max_port=36800
iptables:
# Allow Passive FTP Ports
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 36768:36800
-j ACCEPT
Good luck!
Kevin Pendleton
http://utahsysadmin.com/
More information about the sllug-members
mailing list