FTPS Server?

Malcolm Waltz mwaltz at PACIFIC.EDU
Fri Jan 6 18:23:13 UTC 2012


On Jan 6, 2012, at 6:48 AM, David Magda wrote:

> On Thu, January 5, 2012 14:28, Malcolm Waltz wrote:
> 
>> I've included a working vsftpd.conf below for FTPES.  For what you are
>> doing, you may not need all of these parameters.  The pasv_ parameters are
>> mostly only necessary if you need to serve data through a NAT/firewall.
>> The pasv_min_port and pasv_max_port will effect how many simultaneous
>> connections can be supported by the server.  You may have to try various
>> permutations depending on how EyeFi has implemented their client.  If you
>> Google vsftpd.conf, you will probably find various sets of instructions
>> for how to set it up for your needs.  It helps if you know exactly what
>> the client is expecting.  There are a number of variations on the
>> standard.  vsftpd can handle all of them I believe.  Also tools like
>> tcpdump, wireshark, netstat and lsof are your friends here.
> [...]
> 
> Are/Were there any special settings that needed on your
> firewall/router/NAT box?
> 

Nothing special.  Inbound access from the Internet to the server on TCP 21 in addition to the full range of ports specified by the pasv_min_port and pasv_max_port in the vsftpd.conf.  The host is also running a host-based firewall (pf).  Here's the pf.conf line that applies:
pass in quick on $ext_if proto tcp from any to <internal-server-IP> port { 21, <pasv_min_port>:<pasv_max_port> } keep state



More information about the freebsd-stable mailing list