Posted: Fri Feb 05, 2016 8:13 Post subject: ProFTPd missing mod_tls.c for SSL TLS support
Router Model:Linksys WRT610N v2 // Flash: 8MB / RAM: 64MB
CPU Model: Broadcom BCM4716 chip rev 1 / CPU Cores: 1 / CPU Clock: 480 MHz
Looking for some help adding SSL TLS support to any DD-WRT build that would fit this router. Was hoping there was a Build previously released that included ProFTPd and its module Mod_TLS.c and libraries but can't locate one. Flashed dozens of K2.6 & K3X Builds from 15962 to 29002. None of the install guides for ProFTPd show how to add these missing SSL,TLS modules to DD-WRT directly or via Opt or Jffs on a USB stick.
Plan is for multiple clients to access ProFTPd over WAN so OpenVPN or SSH connections won't help. Encryption tunnel will be forced using FTP/Implicit SSL connections. Want to retire current LinuxBox and transfer FTP duties to router.
Do the larger 20+MB Beta Builds for newer routers such as Asus RT-N66U have this feature available after flash?
If anyone has been able to get this SSL TLS tunnel to work with DD-WRT built-in ProFTPd let me know, thx.
I did setup OpenVPN and a few issues appeared. It drastically reduced performance of 480MHz CPU and thus all other traffic through router and as you mention is more complex for some clients to connect successfully. I even tried overclocking 480CPU to 533MHz and added a cooling fan but was unstable. The other issue is all authorized clients to OpenVPN can then use their new secure VPN connection for more than just the FTP adding further burden to the slower CPU.
The main reason for a way to enable ProFTPd & SSL TLS secure access in DD-WRT is because all current clients are already configured with SSL TLS to access my LinuxBox FTP and content. They wouldn't have to change anything on their end and wouldn't even know they was a server change.
It would be nice to see the OTRW2 Optware bundle or similar contain FTPS support and other missing services but OTRW2 K2.6 is already crammed with good stuff and support ended in 2014.
DD-WRT Dream Database - allow the user to checkbox each additional feature for given router. Click Merge/Build then download the custom flash binary. This would allow many combinations and control over flash build size. Developers could then focus on smaller projects instead of making too many changes to the main stable DD-WRT base framework and breaking other modules.
Recompiling your own custom DD-WRT binary is a huge task with steep learning curve and commitment.
Kudos to Brainslayer, Kong and Dev Team.
I suggested switching to vsftpd "a while back" as it's footprint is smaller and it supports all functions with taking up less flash space and some folks were slightly opposed to the idea.
Maybe someone can work on implementing the change and submit for approval with more success. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 16 Jun 2006 Posts: 148 Location: Germany, BW
Posted: Thu Apr 11, 2024 21:01 Post subject:
dale_gribble39 wrote:
I suggested switching to vsftpd "a while back"
That would be a good solution. I saw the vsftp-LuCI-implementation, five Pages of Options. Very nice. But a simlpe .conf-File would also be ok, if I only could get all services I use consolidated on one box.