Ссылки:
https://wiki.debian.org/ru/vsftpd http://www.aitishnik.ru/linux/ftp-server-debian.html https://serverfault.com/questions/421161/how-to-configure-vsftpd-to-work-with-passive-mode http://unix.ck.ua/content/ustanovka-nastroika-vsftpd https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT https://wiki.mikrotik.com/wiki/Manual:IP/Services
debian + vsftpd
0. apt install vsftpd 1. nano /etc/vsftpd.conf - пример конфига ------------------------ listen=YES listen_ipv6=NO anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES1chroot_local_user=NO
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
ssl_enable=NO
chown_uploads=YES
chown_username=www-datapasv_enable=Yes - пассивный режим
pasv_max_port=10100 - пассивный режим
pasv_min_port=10090 - пассивный режим
------------------------2. Смена домашнего каталога для user1
usermod -d /var/www/html/ user1mikrotik примерная настройка
/ip firewall nat add action=dst-nat chain=dstnat comment="ftp" dst-address=внешний_адрес dst-port=20,21,10090-10100 in-interface=ether5-gw protocol=tcp src-address-list=ftp to-addresses=внутренний /ip firewall filter add action=accept chain=forward comment="ftp" dst-port=20,21,10090-10100 in-interface=ether5-gw protocol=tcp src-address-list=ftp /ip firewall service-port set ftp disabled=yesЕще пример конфига (/etc/vsftpd.conf):
### https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-for-a-user-s-directory-on-ubuntu-16-04 ftpd_banner=Welcome to PureFTPd 1.5.250 listen=YES anonymous_enable=NO anon_upload_enable=NO local_enable=YES write_enable=YES local_umask=022 local_root=/tftp/config chroot_local_user=YES allow_writeable_chroot=YES hide_ids=YES max_per_ip=10 log_ftp_protocol=YES xferlog_enable=YES xferlog_file=/var/log/vsftpd.log chown_uploads=YES chown_username=tftp ###virutal user settings user_config_dir=/etc/vsftpd/users.d guest_enable=YES virtual_use_local_privs=YES pam_service_name=vsftpd nopriv_user=tftp guest_username=tftp ###fix seccomp_sandbox=NO #rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem #rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key ssl_enable=NO #force_local_data_ssl=YES #force_local_logins_ssl=YES #ssl_tlsv1=YES #ssl_sslv2=NO #ssl_sslv3=NO #require_ssl_reuse=NO #ciphers=HIGH utf8_filesystem=YES pasv_enable=Yes pasv_min_port=20001 pasv_max_port=20100