Date: Tue, 22 Jul 2003 08:06:31 -0700 (PDT)
From: John DeStefano
To: Lowell Gilbert
cc: freebsd-questions@freebsd.org
Subject: Re: configure ftpd port range
Message-ID: <20030722150631.94843.qmail@web40612.mail.yahoo.com>
In-Reply-To: <443cgyj0gl.fsf@be-well.ilk.org>

--- Lowell Gilbert wrote:
> John DeStefano writes:
>
> > Due to ISP restrictions, I must change the default port on which ftpd
> > runs in order to enable ftp access to and from my machine.
>
> That would violate the FTP spec, and isn't supported (IIRC) by the
> standard FreeBSD ftpd.
>
> > I had to do the same for my httpd server, but that information was a
> > bit more accessible.
> > Reading material has been sparse, but I've read that adding a port
> > number/range to the ftpd entry /etc/services and /etc/inetd.conf might
> > do the trick.
> > Is this an acceptable way of going about changing the ftp ports?
>
> It won't work.
>
> > If this box is sitting behind a hardware firewall (Linksys router), what
> > range would you recommend I open in the firewall for a maximum of 5
> > ftp users?
> > Same question for security on the FBSD box itself?
>
> This is going to be a royal pain anyway. The FTP protocol is tricky
> to get through firewalls, and *very* tricky to get through NAT.
>
> If you can use, e.g., scp(1) to move your files around, you'll be in
> much better shape -- FTP passes cleartext passwords. However, if
> you're really stuck on FTP (and I am not encouraging you to violate
> your contract with your ISP, but just giving the advice for
> informational purposes), there are other FTP daemons that can change
> the base ports. You'll need to punch holes for the data ports,
> though.

So, strangely enough, it sounds like moving away from the stock ftpd,
and using a 3PP daemon to configure the new ports, is the way to go.
Any suggestions?

> > Quick sidebar: DNS is setting my domainname to my ISP's domain,
> > not my local domain, which is causing some problems. "man
> > domainname" tells me "The super-user can set the domain name by
> > supplying an argument", which I assume means "domainname
> > ". But this setting does not stick on reboot. Is there an
> > easy fix?
>
> According to the FreeBSD Handbook, the FreeBSD FAQ, and the rc.conf(5)
> manual, setting "hostname" in /etc/rc.conf is what you're looking for.

Yes, thanks for reminding me. I'd seen that solution and implemented
it. Unfortunately, something has changed my setting:

# cat /etc/rc.conf |grep hostname
#hostname="gandalf.istari"
hostname="gandalf"
hostname="gandalf.Optonline.net"

How to keep this from getting changed automatically?

Thanks,
John
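
The point above about punching holes for the data ports, as an added example that is not part of the original message or of any FTP daemon: in passive mode the server names the data address and port inside its 227 reply (RFC 959), so a client outside the router needs that address to be public and that port to be forwarded. The public address, the forwarded port range and the sample replies are constructed for illustration.

```python
import ipaddress
import re

# Constructed values for illustration; none of them come from the thread.
PUBLIC_ADDR = ipaddress.ip_address("203.0.113.10")  # router WAN side (documentation range)
FORWARDED_PORTS = range(50000, 50010)               # data ports forwarded by the router
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

PASV_RE = re.compile(r"^227 [^(]*\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_pasv(reply):
    """Return (address, port) from a 227 reply: h1,h2,h3,h4,p1,p2 (RFC 959)."""
    match = PASV_RE.match(reply.strip())
    if not match:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in match.group(1).split(",")]
    if max(nums) > 255:
        raise ValueError("field out of range in %r" % reply)
    addr = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
    return addr, nums[4] * 256 + nums[5]


def check_reply(reply):
    """List the reasons an outside client could not open the data connection."""
    addr, port = parse_pasv(reply)
    problems = []
    if any(addr in net for net in RFC1918):
        problems.append("advertises private address %s" % addr)
    elif addr != PUBLIC_ADDR:
        problems.append("advertises %s, not the router's public address" % addr)
    if port not in FORWARDED_PORTS:
        problems.append("data port %d is not forwarded" % port)
    return problems


# Constructed server replies, as a client outside the router would receive them.
SAMPLES = [
    "227 Entering Passive Mode (192,168,1,100,195,80)",  # LAN address leaked
    "227 Entering Passive Mode (203,0,113,10,195,85)",   # usable
    "227 Entering Passive Mode (203,0,113,10,4,1)",      # port 1025, not forwarded
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", check_reply(line) or "ok")
```
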