Vsftpd and Dynamic IP

SDraconis · 05-04-2005, 09:26 PM

I have seen other people with this problem, but as of yet have not found a good solution. The issue is pretty basic: I have a vsftpd server that I need to run in passive mode because of router and firewall issues. Passive mode, of course, requires the server to know my WAN IP. My problem is that I have a dynamic IP address. For other servers (HTTP and SSH), using my named address from DynDNS.org works just fine, but vsftpd doesn't seem to actually resolve names and rather needs the IP explicitly named. Is there any way to remedy this issue without having to manually edit the file on each IP change? (I use ddclient for updating my DynDNS address automatically, by the way).

dugas · 05-04-2005, 11:50 PM

vsftpd does not require your ip to be explicitly named. I use vsftpd with passive mode using dyndns to update my dynamic ip. If you need help setting it up, let me know.

dugas · 05-04-2005, 11:54 PM

maybe you need to edit your hosts file
cd /etc
open the file called hosts in an editor
add a line
192.168.?.? name.dyndns.org
where the ip is your local ip and name.dyndns.org is your domain name. THis sets up a route to the host on your internal network.

SDraconis · 05-05-2005, 12:27 AM

I am thoroughly confused on how your suggestion would help anything. In my vsftpd.conf, if I have

Code:

pasv_address=name.dyndns.org
pasv_enable=YES
pasv_min_port=some_high_port
pasv_max_port=some_higher_port

where the high ports are appropriately forwarded in my router, then connecting to myself or from a computer over the internet results in

Code:

PASV
500 OOPS: invalid pasv_address

from the FTP client. It is my understanding that pasv_address needs to be set to your external IP address in order for passive connections to work properly. Setting to my private LAN IP does not work when connecting from outside the LAN, unless with a smart client (like WS_FTP) that ignores the private passive address and uses the server IP instead. The output would look something along the lines of

Code:

PASV
227 Entering Passive Mode (192,168,X,X,27,15)
connecting data channel to 192.168.X.X:27,15(6927)
Substituting connection address X.X.X.X for private address 192.168.X.X from PASV
data channel connected to X.X.X.X:27,15(6927)

I know that if I set pasv_address to my actual external IP rather than my dyndns name, everything works as it should. The problem here is that I can't keep changing my vsftpd.conf file manually every time my IP changes.

apietrom · 07-26-2005, 03:19 PM

I have looked all over the web for an answer and the best one I found was to setup a cron job to check for your dynamic IP address, write it to the conf file if different and restart the server. I run it every hour. It would be nice to be able to use pasv_address=xxxxx.dyndns.org but it does not currently work.

If you find anything better please respond and the last line to the vsftpd.log (restart) is ugly. If you know how to make it nice that would also be appreciated.

Cheers.

-----------------------------------------------------------------

#!/bin/sh
#vsftpd.conf IP update

vsftpd_conf=/etc/vsftpd/vsftpd.conf
vsftpd_log=/var/log/vsftpd.log

my_ip=`host xxxxx.dyndns.org | cut -f4 -d" "`
vsftpd_ip=`grep pasv_address $vsftpd_conf | cut -f2 -d=`

if [ "$my_ip" != "$vsftpd_ip" ] ; then
( echo ",s/$vsftpd_ip/$my_ip/g" && echo w ) | ed - $vsftpd_conf
echo `date` "$vsftpd_conf updated with $my_ip IP address" >> $vsftpd_log
/etc/init.d/vsftpd restart >> $vsftpd_log
fi

-----------------------------------------------------------------