Forum:VSFTP over internet

I´ve installed VSFTP and it works fine in the local network with the Screenplay own ip. I´d like to know how do it over internet instead of the local network - 85.245.251.75 (sig added)
 * I just did this, so I'm somewhat familiar with it. Exposing the screenplay pro hd on the web means there are going to be automated programs finding your FTP site and trying to hack into it.  If you feel comfortable knowing that, read on.  To access over the internet, you're going to need 3 things.
 * 1) A fixed external IP or at least one that is assigned for a long time. Dialups and temporary connections don't have these.  Cable and DSL will usually assign the same one for a period of time, but don't get too attached because eventually they force it to change.  I've had mine for about 6 months.
 * 2) Knowledge of how to configure your router to allow port 21 TCP & UDP packets to be sent to the IP address of your screenplay. It may not require UDP, I didn't try just TCP.  I didn't need port 20, although other sites say you need to expose that one as well.
 * 3) A fixed IP address for your screenplay. Your DHCP server/router may have a way to assign the IP based on the MAC address, or if not, then you can assign the IP address leases to be long term / never expire.
 * Now you'll need to do research on your particular router/modem to find out how to do all of those things. Each brand has its own way of doing it.  It's also important to make sure you've locked out the nobody and default accounts.  In the passwd file,  put an X inbetween the two : : right after the nobody and default user names.  This will essentially block out any passwords and lock those accounts.
 * It would be wise to set a password for root. Just don't forget it.
 * You probably won't want anonymous access, and you'll want to read up on the configuration in the VSFTP file and try to limit the number of connections even more than the default number. If you can, configure your router to only allow the specific IP addresses or specific MAC addresses through that port.  The less you have it open, the less trouble you will have if somebody hacks into it.
 * Good luck. --JCoug 00:13, 16 June 2009 (UTC)