Setting up mod_ftp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 Hi everyone,
I am trying, initially, to set up an anonymously accessed, blind incoming folder using ssl-based ftp. I've downloaded and compiled ftp_mod, configured it and have it working as expected within the local network, but am having issues getting the settings correct for internet access. On our router, we've put in rules for inbound connections from any source IP to [WANIP]:990 to be forwarded to [LANIP]:990 and this has made it possible to connect and anonymously authenticate, but not to get a data connection. I was under the impression that setting FTPPASVaddr to the WANIP would provide the proper PORT response to allow the data connection without router configuration changes. However, if I did not set FTPPASVbindaddr, it still sent the LANIP back in the PORT command to the client. (not sure if this is a bug...) Once I set both, it did send the WANIP in the PORT command, but I was still not able to achieve a data connection. 
Any help would be greatly appreciated!
Thanks,
Larry Irwin
CCA Medical
Versions: Debian Etch 2.6.18-6-amd64, httpd-2.2.22.tar.gz, mod_ftp-0.9.6-beta.tar.gz Folders: drwxrwxrwx 3 root root 4096 Nov 12 17:42 sftp, d-wx-wx-wx 2 root root 4096 Nov 13 14:40 sftp/incoming Entries added to httpd.conf: LoadModule ftp_module modules/mod_ftp.so, Include conf/extra/ftpd.conf 
Content of ftpd.conf:
<IfModule mod_log_config.c>
  LogFormat "%u [%a] %r" command_log_fmt
LogFormat "%{%b %e %H:%M:%S %Y}t %T %a %B %U %M %F %d %W %u %S %Z %Y" transfer_log_fmt 
</IfModule>
Listen [LANIP]:990 ftp
AcceptFilter ftp none
SSLPassPhraseDialog     builtin
SSLSessionCache         "dbm:/usr/local/apache2/logs/ssl_scache"
SSLSessionCache         "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300
SSLMutex                "file:/usr/local/apache2/logs/ssl_mutex"
<VirtualHost [LANIP]:990>
  FTPPASVaddr [WANIP]
  FTPPASVbindaddr [WANIP]
  FTPOptions AllowProxyPASV AllowProxyPORT
  ServerAdmin  you@xxxxxxxxxxxxxxx
  DocumentRoot "/u/ftp/sftp"
  FTP On
<Directory "/u/ftp/sftp">
    AuthName "Use 'anonymous' and email address for guest entry"
    AuthType basic
</Directory>
<Directory "/u/ftp/sftp">
<Limit MKD RMD STOR DELE RNFR>
      Order deny,allow
      Deny from all
</Limit>
</Directory>
<Directory "/u/ftp/sftp/incoming">
<LimitExcept MKD RMD STOR DELE RNFR>
      Order deny,allow
      Allow from all
</LimitExcept>
</Directory>
  ErrorLog     "logs/ftp_error_log"
  SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 
  SSLCertificateFile "/usr/local/apache2/conf/server.crt"
  SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
  FTPImplicitSSL On
</VirtualHost>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux