Several VSFTPD settings options not working



I've been running unraid 4.7 for a long time now. Last weekend I updated to 5.0-rc8a and I decided it was a good time to actually configure VSFTPD so that I could use it, as I often let my friends outside of my network download from my server. I had previously always used lighttpd for this task but I had wanted something more secure; I just never got around to fully setting up ftp on 4.7. I'm no pro but I am a fairly advanced user so I'm well aware of the security risks, of reasons to not use ftp, etc. I'm not concerned about any of that, I just want to address the issues I'm having. :)

 

I have it 100% configured and nearly all of my options in /etc/vsftpd.conf are working, but there are 2 that I'm noticing that aren't and they're both important to me for security and for preventing my server from getting overloaded.

 

1) listen_port=2121

 

No matter what I set this option to, it still continues to only work on port 21. Is there somewhere else to change this setting on unraid to make it run on a different port? Using netstat I noticed that the listening port appears as

 

tcp        0      0 *:ftp                   *:*                     LISTEN

 

I assume the fact that it's just called ":ftp" instead of an actual port number has something to do with it, but I'm not sure where to change that. Everything I google for vsftpd config says I just need to change listen_port.

 

2) max_per_ip=1

 

Even with this set to 1 it still continues to let the same person log in multiple times, and allows multiple downloads at once (which is the real thing I'm trying to prevent). Here is a netstat and ps -ef showing that the same account and same ip are connected more than once with no issue.

 

netstat -a | grep 192.168.1.101:ftp
tcp        0      0 192.168.1.101:ftp       192.168.1.14:51224      ESTABLISHED
tcp        0      0 192.168.1.101:ftp       192.168.1.14:51225      ESTABLISHED

ps -ef | grep vsftpd
nobody   31430  1102  0 08:44 ?        00:00:00 vsftpd
htpc     31432 31430  0 08:44 ?        00:00:00 vsftpd
nobody   31451  1102  0 08:44 ?        00:00:00 vsftpd
htpc     31453 31451  0 08:44 ?        00:00:00 vsftpd

 

Is there any particular reason that these 2 options wouldn't work, when all of my others do? I'll paste my whole conf file below in case anyone would like to see it. If you see any completely obvious security issues, feel free to let me know. But other than that I'd really just like to talk about the actual issues as I said. I keep saying this because while looking at other vsftpd.conf threads it seems they constantly get hijacked by people who are just telling them how they shouldn't be using ftp.

 

Thanks for any help!

 

#
# Logging to syslog
syslog_enable=YES
# Misc.
dirmessage_enable=NO
ls_recurse_enable=YES
# Changes made by me
local_root=/mnt/user/Videos
anon_upload_enable=NO
anon_other_write_enable=NO
anon_mkdir_write_enable=NO
anon_world_readable_only=NO
guest_enable=NO
log_ftp_protocol=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd-transfers.log
ftpd_banner=Welcome to BrentFlix
local_enable=YES
listen_port=2121
connect_from_port_20=YES
chroot_local_user=YES
anonymous_enable=NO
local_max_rate=450000
max_per_ip=1
max_clients=3
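
An added example, not part of the original post: vsftpd.conf(5) documents listen_port, listen_address, listen_address6, max_clients and max_per_ip as applying only when vsftpd is in standalone mode, so this script reports which of them are set in a config that does not enable listen or listen_ipv6. The function names are hypothetical, the sample file is constructed from settings quoted in the post, and treating an unset listen as inetd mode is an assumption to check against your build.

```shell
#!/bin/sh
# Options that vsftpd.conf(5) documents as applying only in standalone mode.
STANDALONE_ONLY="listen_port listen_address listen_address6 max_clients max_per_ip"

# conf_value FILE KEY: print the last value assigned to KEY (empty if unset).
conf_value() {
    awk -F= -v key="$2" '
        /^[[:space:]]*#/ { next }
        $1 == key { val = substr($0, length(key) + 2) }
        END { sub(/\r$/, "", val); print val }
    ' "$1"
}

# is_standalone FILE: succeed if listen or listen_ipv6 is enabled.
# Assumption: when neither is set, treat vsftpd as launched from inetd.
is_standalone() {
    for key in listen listen_ipv6; do
        case "$(conf_value "$1" "$key" | tr '[:lower:]' '[:upper:]')" in
            YES|TRUE|1) return 0 ;;
        esac
    done
    return 1
}

# ignored_options FILE: print key=value for each standalone-only option
# that is set while standalone mode is off.
ignored_options() {
    if is_standalone "$1"; then return 0; fi
    for key in $STANDALONE_ONLY; do
        val=$(conf_value "$1" "$key")
        if [ -n "$val" ]; then echo "$key=$val"; fi
    done
}

# write_sample FILE: constructed sample using settings quoted in the post.
write_sample() {
    cat > "$1" <<'EOF'
local_enable=YES
listen_port=2121
max_per_ip=1
max_clients=3
EOF
}

tmp=$(mktemp)
write_sample "$tmp"
ignored_options "$tmp"   # prints the settings that inetd mode will not apply
rm -f "$tmp"
```

Run `ignored_options /etc/vsftpd.conf` on the server to check the live file. `netstat -an` prints numeric ports instead of service names such as ftp.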
