vsftpd
Written by Kai Dietrich   
Tuesday, 02 January 2007

VSFTPD behind a DSL router

vsftpd lets you set the address it sends to clients connecting in passive mode (the pasv_address option). Unfortunately, up to version 2.0.3 this address has to be a numeric IP (more on later versions below). Putting in your dyndns hostname instead just results in the following when a client connects:

Command:    PASV
Response:    500 OOPS: invalid pasv_address
Response:    500 OOPS: child died

Up to version 2.0.3 the only solution seems to be to set up a cron job which periodically rewrites your vsftpd.conf and restarts the server.
Since version 2.0.4 there is an option to DNS-resolve the pasv_address. Taken from the changelog:

- Add pasv_addr_resolve option to allow pasv_address to get DNS resolved once at startup.


Found here (posted by apietrom on 07-26-2005, 02:19 PM):

#!/bin/sh
# vsftpd.conf IP update

vsftpd_conf=/etc/vsftpd/vsftpd.conf
vsftpd_log=/var/log/vsftpd.log

# current public IP: 4th field of "<name> has address <ip>"
my_ip=$(host xxxxx.dyndns.org | cut -f4 -d" ")
# IP currently configured in vsftpd.conf
vsftpd_ip=$(grep pasv_address "$vsftpd_conf" | cut -f2 -d=)

if [ "$my_ip" != "$vsftpd_ip" ] ; then
    # replace the old IP with the new one in the config, then restart
    ( echo ",s/$vsftpd_ip/$my_ip/g" && echo w ) | ed - "$vsftpd_conf"
    echo "$(date) $vsftpd_conf updated with $my_ip IP address" >> "$vsftpd_log"
    /etc/init.d/vsftpd restart >> "$vsftpd_log"
fi


Tested, and it seems to work fine.
But there is still a problem: if vsftpd isn't running because you stopped it manually, the cron job will restart it automatically. Here is a version which checks whether vsftpd is already running and calls /etc/init.d/vsftpd restart if it is (well, I'm not good at writing shell scripts):

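#!/bin/sh
# vsftpd.conf IP update

vsftpd_conf=/etc/vsftpd/vsftpd.conf
vsftpd_log=/var/log/vsftpd.log

# current public IP: 4th field of "<name> has address <ip>"
my_ip=$(host xxxxx.dyndns.org | cut -f4 -d" ")
# IP currently configured in vsftpd.conf
vsftpd_ip=$(grep pasv_address "$vsftpd_conf" | cut -f2 -d=)

if [ "$my_ip" != "$vsftpd_ip" ] ; then
    # check if vsftpd is already running
    # ("&>" is a bash extension; a strictly POSIX /bin/sh such as dash reads it
    # as "&" followed by ">", which makes this test always succeed)
    if ps -A | grep vsftpd > /dev/null 2>&1
    then
        ( echo ",s/$vsftpd_ip/$my_ip/g" && echo w ) | ed - "$vsftpd_conf"
        echo "$(date) $vsftpd_conf updated with $my_ip IP address" >> "$vsftpd_log"
        /etc/init.d/vsftpd restart >> "$vsftpd_log"
    fi
fi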
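
The two cron scripts above write whatever host prints straight into vsftpd.conf, so a failed or unexpected lookup ends up as the pasv_address. The following is an added example, not part of the original post or the quoted script: it accepts only a dotted-quad IPv4 address and replaces only the pasv_address line. The function names is_ipv4 and set_pasv_address and all sample values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the original post's script): validate the looked-up
# address, then rewrite only the pasv_address line of the config.

# is_ipv4 ADDR: true only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;  # "", "found:", multi-line output
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# set_pasv_address CONF ADDR
# returns 0 = file changed, 1 = already current, 2 = ADDR rejected, 3 = I/O error
set_pasv_address() {
    conf=$1; addr=$2
    is_ipv4 "$addr" || return 2
    # -F: fixed-string compare, so the dots are not regex wildcards
    grep -qxF "pasv_address=$addr" "$conf" && return 1
    tmp=$(mktemp "$conf.XXXXXX") || return 3
    cp -p "$conf" "$tmp" || { rm -f "$tmp"; return 3; }  # keep mode and owner
    # The address reaches awk as data (-v); only the anchored option line changes.
    awk -v a="$addr" '
        /^pasv_address=/ { if (!done) print "pasv_address=" a; done = 1; next }
        { print }
        END { if (!done) print "pasv_address=" a }
    ' "$conf" > "$tmp" && mv -f "$tmp" "$conf" || { rm -f "$tmp"; return 3; }
}

# Constructed demonstration on a throwaway file; all values are made up.
demo_conf=$(mktemp)
printf '%s\n' 'listen=YES' 'pasv_address=192.0.2.10' 'max_clients=1' > "$demo_conf"
for candidate in 198.51.100.7 'found:' 198.51.100.999 198.51.100.7; do
    rc=0; set_pasv_address "$demo_conf" "$candidate" || rc=$?
    echo "candidate '$candidate' -> status $rc"
done
grep '^pasv_address=' "$demo_conf"
rm -f "$demo_conf"
```

In the cron job, pass the looked-up address to set_pasv_address and restart vsftpd only when it returns 0.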

Some hints for the vsftpd.conf when setting up a low-security FTP server:

hide_ids=YES
anon_max_rate=10240
secure_email_list_enable=YES
pasv_max_port=xxx
pasv_min_port=xxx
trans_chunk_size=8192
max_per_ip=1
max_clients=1
pasv_address=xxx.xxx.xxx.xxx
Last Updated ( Tuesday, 02 January 2007 )