Hi all,
I'm sure this is a quick fix, but I've not found the answer yet.
On a fresh install of CentOS5, I need to use an alternate port for ftp. Currently vsftpd wants the standard port which is in use by another system on my NATted network. So...how does one go about reconfiguring vsftpd to do this? I've looked in /etc/vsftpd/vsftpd.conf to no avail. In my Slackware days, proftpd was able to be configured by editing a single line in the .conf file. I'm hoping it's that easy using CentOS.
Thanks in advance for any/all suggestions. (and advance apologies for more questions, as I know they're coming!)
~Ray
On a fresh install of CentOS5, I need to use an alternate port for ftp. Currently vsftpd wants the standard port which is in use by another system on my NATted network. So...how does one go about reconfiguring vsftpd to do this? I've looked in /etc/vsftpd/vsftpd.conf to no avail.
From the FAQ that's included with the documentation (at least on my 4.5 machine)
Q) Help! Can I change the port that vsftpd runs on?
A1) Yes. If you are running vsftpd in standalone mode, use the "listen_port" directive in vsftpd.conf.
A2) Yes. If you are running vsftpd from an inetd or xinetd program, this becomes an inetd or xinetd problem. You must change the inetd or xinetd configuration files (perhaps /etc/inetd.conf or /etc/xinetd.d/vsftpd)
Sometimes reading the documentation helps :-)
Stephen Harris wrote:
On a fresh install of CentOS5, I need to use an alternate port for ftp. Currently vsftpd wants the standard port which is in use by another system on my NATted network. So...how does one go about reconfiguring vsftpd to do this? I've looked in /etc/vsftpd/vsftpd.conf to no avail.
From the FAQ that's included with the documentation (at least on my 4.5 machine)
Q) Help! Can I change the port that vsftpd runs on?
A1) Yes. If you are running vsftpd in standalone mode, use the "listen_port" directive in vsftpd.conf.
A2) Yes. If you are running vsftpd from an inetd or xinetd program, this becomes an inetd or xinetd problem. You must change the inetd or xinetd configuration files (perhaps /etc/inetd.conf or /etc/xinetd.d/vsftpd)
Sometimes reading the documentation helps :-)
Hi Stephen,
Thanks for your reply. Actually, I have read the docs, have ensured that vsftpd is not running under xinetd (vsftpd.conf file shows listen=YES, listen_port=318); I am *not* listening for IPv6.
I can't start the daemon. Running /etc/rc.d/init.d/vsftpd status shows "vsftpd dead but subsys locked". This occurs each and every time unless I remove listen_port= from the conf file and let the daemon use port 21.
Soooo...I'm stuck and while I know I can get this working with proftpd, I'd rather not for obvious security reasons.
Thanks again, in advance, for any replies.
Regards, ~Ray
On 7/3/07, Ray Leventhal centos@swhi.net wrote:
I can't start the daemon. Running /etc/rc.d/init.d/vsftpd status shows "vsftpd dead but subsys locked". This occurs each and every time unless I remove listen_port= from the conf file and let the daemon use port 21.
Are you using selinux? It restricts ftpd to port 21 iirc. You'll have to create a local policy allowing it to listen/connect on a port other than that.
Jim Perrin wrote:
On 7/3/07, Ray Leventhal centos@swhi.net wrote:
I can't start the daemon. Running /etc/rc.d/init.d/vsftpd status shows "vsftpd dead but subsys locked". This occurs each and every time unless I remove listen_port= from the conf file and let the daemon use port 21.
Are you using selinux? It restricts ftpd to port 21 iirc. You'll have to create a local policy allowing it to listen/connect on a port other than that.
Yes, Jim! SELinux is applied by default to this fresh install, I believe. I'll hack at that next.
Thank you!
~R
On Tue, 3 Jul 2007, Ray Leventhal wrote:
Jim Perrin wrote:
On 7/3/07, Ray Leventhal centos@swhi.net wrote:
Are you using selinux? It restricts ftpd to port 21 iirc. You'll have to create a local policy allowing it to listen/connect on a port other than that.
Yes, Jim! SELinux is applied by default to this fresh install, I believe. I'll hack at that next.
No need to create a local policy, use semanage. (The types that you will want are ftp_port_t and/or ftp_data_port_t.)
Steve Friedman
On 7/3/07, Steve Friedman steve@adsi-m4.com wrote:
No need to create a local policy, use semanage. (The types that you will want are ftp_port_t and/or ftp_data_port_t.)
Yep, he did say he was on c5 didn't he. Missed that part. Still stuck in c4 world....
Steve Friedman wrote:
On Tue, 3 Jul 2007, Ray Leventhal wrote:
Jim Perrin wrote:
On 7/3/07, Ray Leventhal centos@swhi.net wrote:
Are you using selinux? It restricts ftpd to port 21 iirc. You'll have to create a local policy allowing it to listen/connect on a port other than that.
Yes, Jim! SELinux is applied by default to this fresh install, I believe. I'll hack at that next.
No need to create a local policy, use semanage. (The types that you will want are ftp_port_t and/or ftp_data_port_t.)
Steve Friedman
semanage was the answer.
Many many thanks to all.
~Ray
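The fix the thread converges on, as an added example (not part of the original posts): a small shell check that reads listen_port from a vsftpd.conf and tests whether that TCP port carries the ftp_port_t label in `semanage port -l` output, printing the semanage command to add it when it does not. The function names and the sample config and port listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare vsftpd's listen_port with SELinux's ftp_port_t ports.

# Print listen_port from a vsftpd.conf (last such line wins here); 21 if unset.
vsftpd_listen_port() {
    p=$(sed -n 's/^listen_port=\([0-9][0-9]*\).*/\1/p' "$1" | tail -n 1)
    echo "${p:-21}"
}

# Read `semanage port -l` output on stdin; succeed if tcp port $2 has type $1.
port_has_type() {
    awk -v t="$1" -v p="$2" '
        $1 == t && $2 == "tcp" {
            for (i = 3; i <= NF; i++) {
                gsub(/,/, "", $i)              # "21," -> "21"
                n = split($i, r, "-")          # handle ranges such as "989-990"
                lo = r[1] + 0
                hi = (n == 2 ? r[2] : r[1]) + 0
                if (p + 0 >= lo && p + 0 <= hi) found = 1
            }
        }
        END { exit !found }'
}

# $1 = vsftpd.conf, $2 = file holding `semanage port -l` output.
check_vsftpd_port() {
    port=$(vsftpd_listen_port "$1")
    if port_has_type ftp_port_t "$port" < "$2"; then
        echo "ok: tcp/$port is labelled ftp_port_t"
    else
        echo "missing: semanage port -a -t ftp_port_t -p tcp $port"
    fi
}

# Constructed sample input mirroring the thread (listen_port=318, policy knows 21).
tmp=$(mktemp -d)
printf 'listen=YES\nlisten_port=318\n' > "$tmp/vsftpd.conf"
printf 'ftp_data_port_t  tcp  20\nftp_port_t  tcp  21\n' > "$tmp/ports.txt"
check_vsftpd_port "$tmp/vsftpd.conf" "$tmp/ports.txt"
rm -rf "$tmp"
```

On a real host, produce the listing with `semanage port -l > ports.txt`, run the printed command as root, then restart vsftpd.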