Vsftpd

From DD-WRT Wiki

Jump to: navigation, search

Contents

[edit] Introduction

VSFTP is a package included with Entware. See Installing Entware for more info. The package name is "vsftpd-ext", without the quotes.

[edit] Requirements

First be sure that you have enough memory free. Because of this I describe the installation on SD-cards (/mmc). For sure you can also use your SMBshare-dir. Additionally this procedure will show how to install even the needed ipkg packages on the SD-card.

It is also possible to replace every occurances of (/mmc) with (/jffs) if you have it enabled

[edit] Preparation

For ipkg we will need the following directories on the SD-Card:

  mkdir /mmc/jffs
  mkdir /mmc/jffs/tmp
  mkdir /mmc/jffs/tmp/ipkg

[edit] Installing vsftpd

Installation of vsftpd-Server from downloads.openwrt.org

  ipkg -d /mmc/jffs install http://URL_2_vsftpd

Please ensure using the correct URL to the vsftpd-package. Ignore the warnings during ipkg-installation.

[edit] Installing uclibc

Because of not running with the standard-libs of DD-WRT we will install uclibc for use with vsftpd:

  ipkg -d /mmc/jffs install http://URL_2_uclibc

Unsure the correct URL to uclibc again!

[edit] Config File

For anon login use the following in your vsftpd.conf file. Before you use this realize you will be giving anon login FULL ACCESS

Use vi /mmc/jffs/etc/vsftpd.conf to open file

  anon_mkdir_write_enable=YES
  anon_upload_enable=YES
  no_anon_password=YES
  anon_world_readable_only=NO
  # leave this as / needs to be nonwritable
  anon_root=/
  # you might have to make this dir
  secure_chroot_dir=/jffs/var/run/vsftpd
  ftp_username=root
  nopriv_user=root
  background=YES
  listen=YES
  anonymous_enable=YES
  local_enable=YES
  write_enable=YES
  local_umask=022
  check_shell=NO
  dirmessage_enable=YES
  ftpd_banner=ROUTER

If you would like to use root only use the following:

  # you might have to make this dir
  secure_chroot_dir=/jffs/var/run/vsftpd
  ftp_username=root
  nopriv_user=root
  background=YES
  listen=YES
  anonymous_enable=NO
  local_enable=YES
  write_enable=YES
  local_umask=022
  check_shell=NO
  dirmessage_enable=YES
  ftpd_banner=ROUTER

[edit] USER "nobody"

Attention, User name “nobody” must be put on, otherwise cannot work vsftpd correctly.

User “nobody” put on:

echo "nobody:Password:0:0:User,,,:/mmc:/bin/sh" >> /tmp/etc/passwd

(if you are using the onboard memory, remplace mmc: by root:)

[edit] Start script for vsftpd

The following script starts vsftpd using the libuclibc:

  export LD_PRELOAD='/mmc/jffs/lib/libuClibc-0.9.27.so'
  /mmc/jffs/usr/sbin/vsftpd /mmc/jffs/etc/vsftpd.conf
  unset LD_PRELOAD
  env > /dev/null

In the second line, the server is started using its config file. Please refer to the vsftpd manpage to learn more about this.

Save the script in your router (here: /mmc/progs/ftpserver/start).

Don't forget to give the execute privilege (chmod x start).

[edit] Changes to startup section

Please be sure the ftp-server is working properly before changing the startup for the router.

Go to Administration - Commands in the router's config and add the following lines to the startup section :

  cd /mmc/progs/ftpserver
  ./start

(there are other ways to use Startup Scripts)

[edit] Firewall settings

To get the FTP-Server enabled from WAN side add the following line to the firewall section:

  /usr/sbin/iptables -I INPUT 1 -p tcp --dport 21 -j logaccept