Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 6 Jan 2012 10:23:11 -0800
From:      Malcolm Waltz <mwaltz@PACIFIC.EDU>
To:        David Magda <dmagda@ee.ryerson.ca>
Cc:        "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>
Subject:   Re: FTPS Server?
Message-ID:  <F67EE983-6787-4CFD-B8C4-739E8E3CEA5A@PACIFIC.EDU>
In-Reply-To: <00da1657ca8d3a9e26d1f1ed851a2969.squirrel@webmail.ee.ryerson.ca>
References:  <4F059BEA.3000508@denninger.net> <4F05A7D5.8000403@infracaninophile.co.uk> <4F05AF28.5010900@denninger.net> <3FC253955232794A901643A205013D3617B6F15C@exmb2.stk.pacific.edu> <00da1657ca8d3a9e26d1f1ed851a2969.squirrel@webmail.ee.ryerson.ca>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Jan 6, 2012, at 6:48 AM, David Magda wrote:

> On Thu, January 5, 2012 14:28, Malcolm Waltz wrote:
>=20
>> I've included a working vsftpd.conf below for FTPES.  For what you =
are
>> doing, you may not need all of these parameters.  The pasv_ =
parameters are
>> mostly only necessary if you need to serve data through a =
NAT/firewall.
>> The pasv_min_port and pasv_max_port will effect how many simultaneous
>> connections can be supported by the server.  You may have to try =
various
>> permutations depending on how EyeFi has implemented their client.  If =
you
>> Google vsftpd.conf, you will probably find various sets of =
instructions
>> for how to set it up for your needs.  It helps if you know exactly =
what
>> the client is expecting.  There are a number of variations on the
>> standard.  vsftpd can handle all of them I believe.  Also tools like
>> tcpdump, wireshark, netstat and lsof are your friends here.
> [...]
>=20
> Are/Were there any special settings that needed on your
> firewall/router/NAT box?
>=20

Nothing special.  Inbound access from the Internet to the server on TCP =
21 in addition to the full range of ports specified by the pasv_min_port =
and pasv_max_port in the vsftpd.conf.  The host is also running a =
host-based firewall (pf).  Here's the pf.conf line that applies:
pass in quick on $ext_if proto tcp from any to <internal-server-IP> port =
{ 21, <pasv_min_port>:<pasv_max_port> } keep state

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F67EE983-6787-4CFD-B8C4-739E8E3CEA5A>