Eu estava usando um firmware de roteador personalizado para o ASUS RT-AC66U (WRT Merlin) e atualizado para uma versão mais recente lançada ontem. Agora está funcionando.
Estou tentando configurar um servidor FTP em casa com o Ubuntu 16.04 Server, mas há um problema com o PASV. Eu não posso fazer isso retornar meu IP externo.
A saída do testador de ftp:
Status: Resolving address of dns. ... .net
Status: Connecting to xx.xxx.xxx.xxx
Warning: The entered address does not resolve to an IPv6 address.
Status: Connected, waiting for welcome message...
Reply: 220 (vsFTPd 3.0.3)
Command: CLNT https://ftptest.net on behalf of xx.xxx.xxx.xxx
Reply: 530 Please login with USER and PASS.
Command: AUTH TLS
Reply: 234 Proceed with negotiation.
Status: Performing TLS handshake...
Status: TLS handshake successful, verifying certificate...
Status: Received 1 certificates from server.
Status: cert[0]: subject='C=PT,ST=Some-State,O=Internet Widgits Pty Ltd,EMAIL=admin@... .net' issuer='C=PT,ST=Some-State,O=Internet Widgits Pty Ltd,EMAIL=admin@... .net'
Command: USER home
Reply: 331 Please specify the password.
Command: PASS ********
Reply: 230 Login successful.
Command: SYST
Reply: 215 UNIX Type: L8
Command: FEAT
Reply: 211-Features:
Reply: AUTH TLS
Reply: EPRT
Reply: EPSV
Reply: MDTM
Reply: PASV
Reply: PBSZ
Reply: PROT
Reply: REST STREAM
Reply: SIZE
Reply: TVFS
Reply: 211 End
Warning: The server does not indicate MLSD support. MLSD uses a well-specified listing format. Without MLSD, directory listings have to be obtained using LIST which uses an unspecified output format.
Command: PBSZ 0
Reply: 200 PBSZ set to 0.
Command: PROT P
Reply: 200 PROT now Private.
Command: PWD
Reply: 257 "/home/home" is the current directory
Status: Current path is /home/home
Command: TYPE I
Reply: 200 Switching to Binary mode.
Command: PASV
Reply: 227 Entering Passive Mode (0,0,0,0,90,101).
Error: Server returned broadcast address in PASV reply
Isso é o que eu mudei no arquivo de configuração:
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=NO
ssl_ciphers=HIGH
pasv_enable=Yes
pasv_max_port=1050
pasv_min_port=1040
pasv_address=xx.xx.xx.xx <- my wan IP
Use o pasv_address
para configurar seu endereço IP externo.
Veja o link .