flipz
Posted November 2, 2012

I've been running unraid 4.7 for a long time now. Last weekend I updated to 5.0-rc8a and I decided it was a good time to actually configure VSFTPD so that I could use it, as I often let my friends outside of my network download from my server. I had previously always used lighttpd for this task but I had wanted something more secure; I just never got around to fully setting up ftp on 4.7.

I'm no pro but I am a fairly advanced user, so I'm well aware of the security risks, of reasons to not use ftp, etc. I'm not concerned about any of that, I just want to address the issues I'm having.

I have it 100% configured and nearly all of my options in /etc/vsftpd.conf are working, but there are 2 that I'm noticing that aren't, and they're both important to me for security and for preventing my server from getting overloaded.

1) listen_port=2121

No matter what I set this option to, it still continues to only work on port 21. Is there somewhere else to change this setting on unraid to make it run on a different port? Using netstat I noticed that the listening port appears as

tcp 0 0 *:ftp *:* LISTEN

I assume the fact that it's just called ":ftp" instead of an actual port number has something to do with it, but I'm not sure where to change that. Everything I google for vsftpd config says I just need to change listen_port.

2) max_per_ip=1

Even with this set to 1 it still continues to let the same person log in multiple times, and allows multiple downloads at once (which is the real thing I'm trying to prevent). Here is a netstat and ps -ef showing that the same account and same ip are connected more than once with no issue.

netstat -a | grep 192.168.1.101:ftp
tcp 0 0 192.168.1.101:ftp 192.168.1.14:51224 ESTABLISHED
tcp 0 0 192.168.1.101:ftp 192.168.1.14:51225 ESTABLISHED

ps -ef | grep vsftpd
nobody 31430 1102 0 08:44 ? 00:00:00 vsftpd
htpc 31432 31430 0 08:44 ? 00:00:00 vsftpd
nobody 31451 1102 0 08:44 ? 00:00:00 vsftpd
htpc 31453 31451 0 08:44 ? 00:00:00 vsftpd

Is there any particular reason that these 2 options wouldn't work, when all of my others do? I'll paste my whole conf file below in case anyone would like to see it. If you see any completely obvious security issues, feel free to let me know. But other than that I'd really just like to talk about the actual issues as I said. I keep saying this because while looking at other vsftpd.conf threads it seems they constantly get hijacked by people who are just telling them how they shouldn't be using ftp.

Thanks for any help!

#
# Logging to syslog
syslog_enable=YES
# Misc.
dirmessage_enable=NO
ls_recurse_enable=YES
# Changes made by me
local_root=/mnt/user/Videos
anon_upload_enable=NO
anon_other_write_enable=NO
anon_mkdir_write_enable=NO
anon_world_readable_only=NO
guest_enable=NO
log_ftp_protocol=YES
xferlog_enable=YES
xferlog_file=/var/log/vsftpd-transfers.log
ftpd_banner=Welcome to BrentFlix
local_enable=YES
listen_port=2121
connect_from_port_20=YES
chroot_local_user=YES
anonymous_enable=NO
local_max_rate=450000
max_per_ip=1
max_clients=3

natdeamer
Posted December 29, 2012

Were you ever able to change the port of vsftpd? I added listen_port=2121 to my vsftpd.conf and restarted using "/etc/rc.d/rc.inetd restart" - but it didn't work and still uses port 21.
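
The two settings reported as not working, listen_port and max_per_ip, are both documented in the vsftpd.conf man page as applying when vsftpd is in standalone mode, and the rc.inetd restart mentioned above suggests vsftpd is launched by inetd on this system. The check below is an added example, not part of either post or of unRAID; its function names are hypothetical, and it assumes the one-option-per-line name=value format of vsftpd.conf.

```shell
#!/bin/sh
# Added example (not from the thread): list vsftpd.conf options that the
# vsftpd.conf man page documents as applying only "in standalone mode"
# when the file never enables that mode with listen=YES or listen_ipv6=YES.

# Print the value of option $2 in file $1 (assumes a later line overrides an earlier one).
conf_get() {
    awk -F= -v key="$2" '
        /^#/ { next }                                  # comment line
        $1 == key { val = substr($0, length(key) + 2) }
        END { if (val != "") print val }
    ' "$1"
}

# Succeed if the file turns on standalone mode (TRUE and 1 are treated like YES here).
is_standalone() {
    for key in listen listen_ipv6; do
        case "$(conf_get "$1" "$key" | tr '[:lower:]' '[:upper:]')" in
            YES|TRUE|1) return 0 ;;
        esac
    done
    return 1
}

# Print "option=value" for each standalone-only option set in a file that
# does not enable standalone mode; print nothing if it does.
ignored_options() {
    is_standalone "$1" && return 0
    for key in listen_port listen_address listen_address6 max_clients max_per_ip; do
        val=$(conf_get "$1" "$key")
        [ -n "$val" ] && echo "$key=$val"
    done
    return 0
}

# Sample input: the relevant lines of the vsftpd.conf posted above.
write_sample_conf() {
    printf '%s\n' '# Changes made by me' 'local_enable=YES' 'listen_port=2121' \
        'connect_from_port_20=YES' 'chroot_local_user=YES' \
        'local_max_rate=450000' 'max_per_ip=1' 'max_clients=3' > "$1"
}

tmp=$(mktemp)
write_sample_conf "$tmp"
ignored_options "$tmp"      # one line per setting that has no effect without standalone mode
rm -f "$tmp"
```

When vsftpd is started by inetd, the listening port and any connection limits come from the inetd configuration rather than from vsftpd.conf, which is why the remaining options in the file still take effect.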