Openwrt 22.03 搭建vsftpd 服务器

安装

xxxxxxxxxx
make menuconfig 

依次选中

xxxxxxxxxx
Network  ---> 
  File Transfer  --->
    <*> vsftpd............................... Fast and secure FTP server (no TLS)    

配置

配置ftp本地用户

主要是在 /etc/passwd 中修改，/etc/shadow 是密码，按需调整即可

x
cat /etc/passwd

ftp:x:55:55:ftp:/mnt/data/ftp:/bin/false

使用 /mnt/data/ftp 作为ftp用户的主目录，主目录权限配置如下

xxxxxxxxxx
mkdir -p /mnt/data/ftp/upload
chown -R ftp:ftp /mnt/data/ftp/*

调整vsftpd的配置

x
background=YES
listen=YES

# allow anonymous FTP? (disabled by default)
anonymous_enable=NO

# uncomment this to allow local users to log in
local_enable=YES
# uncomment this to enable any form of FTP write command
write_enable=YES

local_umask=022
check_shell=NO

local_root=/mnt/data/ftp

# restrict local users to their home directories.
chroot_local_user=YES
# make sure write_enable directive works
allow_writeable_chroot=YES

# allow only certain users to the FTP server
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.users

#ftpd_banner=Welcome to blah FTP service.
session_support=NO

# set log
dual_log_enable=YES
syslog_enable=NO
vsftpd_log_file=/var/log/vsftpd.log
log_ftp_protocol=YES
xferlog_enable=YES

# fix 500 OOPS: priv_sock_get_cmd
seccomp_sandbox=NO
isolate_network=NO

其中在 /etc/vsftpd.users 中限制了允许登陆的ftp用户为ftp

xxxxxxxxxx
/mnt/data/ftp# cat /etc/vsftpd.users                             
ftp

注意：Openwrt 22.03 使用的vsftpd的版本为 3.0.5

xxxxxxxxxx
PKG_VERSION:=3.0.5

该版本需要在配置中添加如下配置

xxxxxxxxxx
seccomp_sandbox=NO
isolate_network=NO

如果以上配置不存在，将导致客户端只能查看ftp文件，无法上传和下载文件。

错误如下

x
ftp 192.168.1.1
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> cd upload
250 Directory successfully changed.
ftp> 
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 0        0              75 Jan 03 06:29 a.txt
226 Directory send OK.
ftp> 
ftp> get a.txt
local: a.txt remote: a.txt
200 PORT command successful. Consider using PASV.
421 Service not available, remote server has closed connection
ftp>

测试

x
ftp 192.168.1.1
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> cd upload
250 Directory successfully changed.
ftp> 
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 0        0              75 Jan 03 06:29 a.txt
226 Directory send OK.
ftp> 
ftp> get a.txt
local: a.txt remote: a.txt
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for a.txt (75 bytes).
226 Transfer complete.
75 bytes received in 0.00 secs (126.7166 kB/s)
ftp> 
ftp> put a.sh
local: a.sh remote: a.sh
200 PORT command successful. Consider using PASV.
150 Ok to send data.
226 Transfer complete.
32 bytes sent in 0.01 secs (2.9373 kB/s)
ftp> 
ftp> 
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r--    1 55       55             32 Jan 03 06:32 a.sh
-rw-r--r--    1 0        0              75 Jan 03 06:29 a.txt
226 Directory send OK.
ftp> 

其中

xxxxxxxxxx
get a.txt

用于下载upload目录下的a.txt 文件到本地

xxxxxxxxxx
ftp> put a.sh

用于上传本地主机中当前目录下的a.sh 到ftp服务器

参考

https://forum.openwrt.org/t/vsftpd-issue-with-connection-in-openwrt-21-02/111591