Ссылки:
|
1 2 3 4 5 6 |
https://wiki.debian.org/ru/vsftpd http://www.aitishnik.ru/linux/ftp-server-debian.html https://serverfault.com/questions/421161/how-to-configure-vsftpd-to-work-with-passive-mode http://unix.ck.ua/content/ustanovka-nastroika-vsftpd https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT https://wiki.mikrotik.com/wiki/Manual:IP/Services |
debian + vsftpd
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
0. apt install vsftpd 1. nano /etc/vsftpd.conf - пример конфига ------------------------ listen=YES listen_ipv6=NO anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES <pre class="lang:default decode:true " >1 |
chroot_local_user=NO
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
chown_uploads=YES
chown_username=www-data
pasv_enable=Yes — пассивный режим
pasv_max_port=10100 — пассивный режим
pasv_min_port=10090 — пассивный режим
————————
2. Смена домашнего каталога для user1
usermod -d /var/www/html/ user1
mikrotik примерная настройка
|
1 2 3 4 5 6 7 8 |
/ip firewall nat add action=dst-nat chain=dstnat comment="ftp" dst-address=внешний_адрес dst-port=20,21,10090-10100 in-interface=ether5-gw protocol=tcp src-address-list=ftp to-addresses=внутренний /ip firewall filter add action=accept chain=forward comment="ftp" dst-port=20,21,10090-10100 in-interface=ether5-gw protocol=tcp src-address-list=ftp /ip firewall service-port set ftp disabled=yes |
Еще пример конфига (/etc/vsftpd.conf):
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
### https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-16-04 ftpd_banner=Welcome to PureFTPd 1.5.250 listen=YES anonymous_enable=NO anon_upload_enable=NO local_enable=YES write_enable=YES local_umask=022 local_root=/tftp/config chroot_local_user=YES allow_writeable_chroot=YES hide_ids=YES max_per_ip=10 log_ftp_protocol=YES xferlog_enable=YES xferlog_file=/var/log/vsftpd.log chown_uploads=YES chown_username=tftp ###virutal user settings user_config_dir=/etc/vsftpd/users.d guest_enable=YES virtual_use_local_privs=YES pam_service_name=vsftpd nopriv_user=tftp guest_username=tftp ###fix seccomp_sandbox=NO #rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key ssl_enable=NO #force_local_data_ssl=YES #force_local_logins_ssl=YES #ssl_tlsv1=YES #ssl_sslv2=NO #ssl_sslv3=NO #require_ssl_reuse=NO #ciphers=HIGH utf8_filesystem=YES pasv_enable=Yes pasv_min_port=20001 pasv_max_port=20100 |