From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20021216

Description of problem:
vsftpd does not seem to have a configuration directive allowing you to configure a passive mode port range.

Version-Release number of selected component (if applicable):
vsftpd-1.1.3-8

How reproducible:
Always

Steps to Reproduce:
1. Start vsftpd
2.
3.

Actual Results:
Passive mode FTP access is broken for those who have tighter firewalling set up.

Expected Results:
Upgrading from RedHat 8.0 to 9.0 gives you an FTP daemon that is not as configurable. It should be possible to configure passive mode FTP ports for vsftpd as in wu-ftpd.

Additional info:
One is left with only two options: either open up all ports above 1024 to machines that provide FTP access (not an option really, because it's a security nightmare) or retrofit all systems with wu-ftpd. There seems to be no documentation in the RedHat Linux documentation, and the docs that come with vsftpd are not very helpful.
I'm going through the source for vsftpd; it seems that in postlogin.c at line 361 it has vars for allowing you to configure a port number, but it's not in tunables.h or tunables.c or parseconf.c. It seems that it would be trivial to implement this. It looks like it was left out deliberately for some reason? I will make a version with this feature in it and see if it works. The logic for picking a random port seems a little heavy, but I'll leave that for now. The vars are tunable_pasv_min_port and tunable_pasv_max_port.
Holy cow, Batman! I downloaded the vsftpd version 1.1.3 and it doesn't have it, but the RedHat version 1.1.3 does have it. Okay - it's in the RedHat version.
Bravo RedHat! This works great. Well - I guess that just about does it for that!
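
The passive port range discussed in this thread, as an added example that is not part of the original report or of vsftpd's own code: it reads the `pasv_min_port` and `pasv_max_port` directives (the vsftpd.conf names for the tunables mentioned above) and prints the one narrow firewall rule that replaces "open everything above 1024". The function names, the sample config values and the 1024 floor are assumptions made for the example.

```shell
#!/bin/sh
# Constructed sample vsftpd.conf; the port values are arbitrary.
sample_conf() {
cat <<'EOF'
# constructed sample vsftpd.conf
listen=YES
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=50100
EOF
}

# conf_value KEY FILE: print the last value assigned to KEY.
# vsftpd.conf uses key=value with no spaces around '='; '#' lines are comments.
conf_value() {
    sed -n "s/^$1=\(.*\)\$/\1/p" "$2" | tail -n 1
}

# pasv_range FILE: print "MIN MAX" when a bounded, valid range is configured.
# Returns 1 when the range is unset or 0 (vsftpd then picks any port),
# non-numeric, reversed, or below 1024 (policy assumption of this example).
pasv_range() {
    min=$(conf_value pasv_min_port "$1")
    max=$(conf_value pasv_max_port "$1")
    min=${min:-0}; max=${max:-0}
    case "$min$max" in *[!0-9]*) return 1 ;; esac
    [ "$min" -ge 1024 ] && [ "$max" -le 65535 ] && [ "$min" -le "$max" ] || return 1
    echo "$min $max"
}

# pasv_fw_rule FILE: print (not apply) the iptables rule for that range.
pasv_fw_rule() {
    range=$(pasv_range "$1") || { echo "no bounded passive range in $1" >&2; return 1; }
    set -- $range
    echo "iptables -A INPUT -p tcp --dport $1:$2 -m state --state NEW -j ACCEPT"
}

# Demo on the constructed sample: prints the rule for ports 50000-50100.
tmp=$(mktemp) && sample_conf > "$tmp" && pasv_fw_rule "$tmp"; rm -f "$tmp"
```

A config with no bounded range makes `pasv_fw_rule` fail instead of emitting a wide-open rule, which is the case the reporter wanted to avoid.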