From owner-freebsd-stable@FreeBSD.ORG Fri Jan 6 18:23:13 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 97424106566C for ; Fri, 6 Jan 2012 18:23:13 +0000 (UTC) (envelope-from mwaltz@PACIFIC.EDU) Received: from mx10.pacific.edu (mx10.pacific.edu [138.9.240.95]) by mx1.freebsd.org (Postfix) with ESMTP id 6EAE88FC22 for ; Fri, 6 Jan 2012 18:23:13 +0000 (UTC) Received: from mx10.pacific.edu (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 0E2277505; Fri, 6 Jan 2012 10:23:13 -0800 (PST) Received: from mwaltz1.it.pacific.edu (mwaltz1.it.pacific.edu [10.3.4.10]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: mwaltz1@pacific.edu) by mx10.pacific.edu (Postfix) with ESMTPSA id DC8B77503; Fri, 6 Jan 2012 10:23:12 -0800 (PST) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: Malcolm Waltz In-Reply-To: <00da1657ca8d3a9e26d1f1ed851a2969.squirrel@webmail.ee.ryerson.ca> Date: Fri, 6 Jan 2012 10:23:11 -0800 Content-Transfer-Encoding: quoted-printable Message-Id: References: <4F059BEA.3000508@denninger.net> <4F05A7D5.8000403@infracaninophile.co.uk> <4F05AF28.5010900@denninger.net> <3FC253955232794A901643A205013D3617B6F15C@exmb2.stk.pacific.edu> <00da1657ca8d3a9e26d1f1ed851a2969.squirrel@webmail.ee.ryerson.ca> To: David Magda X-Mailer: Apple Mail (2.1084) X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2012.1.6.181514 X-PerlMx-Spam: Gauge=IIIIIIII, Probability=8%, Report=' SUPERLONG_LINE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1400_1499 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, DATE_TZ_NA 0, FROM_EDU_TLD 0, NO_URI_FOUND 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __MIME_VERSION_APPLEMAIL 0, __MSGID_APPLEMAIL 0, __PHISH_SPEAR_STRUCTURE_1 0, __SANE_MSGID 0, __TO_MALFORMED_2 0, __USER_AGENT_APPLEMAIL 0, __X_MAILER_APPLEMAIL 0' Cc: "freebsd-stable@freebsd.org" Subject: Re: FTPS Server? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jan 2012 18:23:13 -0000 On Jan 6, 2012, at 6:48 AM, David Magda wrote: > On Thu, January 5, 2012 14:28, Malcolm Waltz wrote: >=20 >> I've included a working vsftpd.conf below for FTPES. For what you = are >> doing, you may not need all of these parameters. The pasv_ = parameters are >> mostly only necessary if you need to serve data through a = NAT/firewall. >> The pasv_min_port and pasv_max_port will effect how many simultaneous >> connections can be supported by the server. You may have to try = various >> permutations depending on how EyeFi has implemented their client. If = you >> Google vsftpd.conf, you will probably find various sets of = instructions >> for how to set it up for your needs. It helps if you know exactly = what >> the client is expecting. There are a number of variations on the >> standard. vsftpd can handle all of them I believe. Also tools like >> tcpdump, wireshark, netstat and lsof are your friends here. > [...] >=20 > Are/Were there any special settings that needed on your > firewall/router/NAT box? >=20 Nothing special. Inbound access from the Internet to the server on TCP = 21 in addition to the full range of ports specified by the pasv_min_port = and pasv_max_port in the vsftpd.conf. The host is also running a = host-based firewall (pf). Here's the pf.conf line that applies: pass in quick on $ext_if proto tcp from any to port = { 21, : } keep state