FTP Server

To set up vsftpd FTP server in Ubuntu:

Get vsftpd from here, which was found through this website.

$ tar zxf vsftpd-2.2.2.tar.gz
$ cd vsftpd-2.2.2
$ make
$ sudo make install
To make install work properly you have to follow the INSTALL text file in the current directory (the directory where you untarred vsftpd). For example I did:
$ make
$ ls -l vsftpd      # as suggested by the INSTALL file
$ useradd nobody
$ mkdir /usr/share/empty/
$ mkdir /home/morteza/Desktop/tempftp/      #this will be the home of the FTP
$ useradd -d /home/morteza/Desktop/tempftp/ ftp

$ chown root.root /var/ftp
$ chmod og-w /var/ftp
$ mkdir /usr/local/man/man5
$ mkdir /usr/local/man/man8
$ cp vsftpd.conf /etc
$ vsftpd &
$ sudo vsftpd /etc/vsftpd.conf

Copy some files or directories to your FTP home above.

You can now connect to the ftp!

There were more steps to do in the INSTALL file, but up to here that worked! You can get files from your FTP server!

---

I tried to restart vsftpd or stop it, but when you run it, it locks the command line to its input and does not execute other commands unless you exit it by pressing Ctrl+C. I probably should have gone through the rest of the steps!

When I checked it with $ sudo apt-cache search vsf it could be found installed. Anyway, I didn't have time, so I just fixed it with $ sudo apt-get install vsftpd and it worked fine. As far as I noticed, this added vsftpd to /etc/init.d/, and when you run that new vsftpd init script instead of executing vsftpd itself, it runs as a service and you get the command line back afterwards. E.g. you can run $ sudo /etc/init.d/vsftpd start  OR restart OR stop

$ ftp localhost
ftp> username: anonymous
password: #There is no password
ftp> cd E-Books
ftp> get "my ebook.pdf"
ftp> quit


For users to be able to download a file with the default settings, the file has to be owned by root and have read permission.

$ sudo chown root:root filename   # set the owning user and group
$ sudo chmod +r filename
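
The two permission rules used on this page (an FTP home that is not writable by group or others, and files owned by root with read permission) can be checked in one pass. This is an added example, not part of the original notes; the function name audit_ftp_home, its finding labels and the optional owner argument are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): audit an anonymous FTP home.
# audit_ftp_home, the finding labels and the optional owner argument are
# assumptions made for this example.
#
# Usage: audit_ftp_home /home/morteza/Desktop/tempftp/ [owner]
# Prints one finding per line and returns 1 if anything was found.
audit_ftp_home() {
    ftp_home=$1
    owner=${2:-root}    # the page expects downloadable files to be owned by root

    report=$(
        {
            # The FTP home itself must not be group/other writable (chmod og-w).
            find "$ftp_home" -prune \( -perm -020 -o -perm -002 \) -print |
                sed 's/^/HOME_WRITABLE /'
            # Files that are not owned by the expected user.
            find "$ftp_home" -type f ! -user "$owner" -print |
                sed 's/^/WRONG_OWNER /'
            # Files missing the "other" read bit, which chmod +r normally sets.
            find "$ftp_home" -type f ! -perm -004 -print |
                sed 's/^/NOT_READABLE /'
        } | sort
    )

    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}
```

File names containing spaces, such as "my ebook.pdf", are reported correctly; names containing newlines are not handled.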




iptables configuration

Your FTP server needs a channel to transfer data. Port 21 is used to establish the connection, so to make data transfer possible you need to enable port 20 as well. See the following configuration.

First load the following module to make sure passive FTP connections are not rejected:

modprobe ip_conntrack_ftp

Allow FTP connections on port 21 incoming and outgoing

 -A INPUT  -p tcp -m tcp --dport 21 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 21"
 -A OUTPUT -p tcp -m tcp --sport 21 -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 21"

Allow FTP port 20 for active connections incoming and outgoing

 -A INPUT  -p tcp -m tcp --dport 20 -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow ftp connections on port 20"
 -A OUTPUT -p tcp -m tcp --sport 20 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Allow ftp connections on port 20"

Finally allow FTP passive inbound traffic

 -A INPUT  -p tcp -m tcp --sport 1024: --dport 1024: -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment "Allow passive inbound connections"
 -A OUTPUT -p tcp -m tcp --sport 1024: --dport 1024: -m conntrack --ctstate ESTABLISHED -j ACCEPT -m comment --comment "Allow passive inbound connections"

For more on FTP and firewall problems see: http://slacksite.com/other/ftp.html#active











