Package: vsftpd
Version: 2.3.0~pre1-1
There seems to be a trend in Debian and/or Linux to activate the
sysctl net.ipv6.bindv6only=1 by default, meaning that binding on the
IPv6 unspecified address (::) will not also bind IPv4 (contrarily to
the former Linux tradition). This means that running vsftpd with
listen_ipv6=YES will ONLY listen on IPv6, not IPv4, whereas formerly
it listened to both. (I discovered this by noticing that my ftp
server had stopped responding to IPv4 and was only reachable through
IPv6.)
Possible solutions:
* Advise sysadmins installing vsftpd to set net.ipv6.bindv6only=0.
This does not seem desirable, however, as it goes against the
current trend.
* Advise sysadmins to run two different copies of vsftpd, one for IPv4
only and one for IPv6 only. This is inconvient with the startup
scripts provided by Debian, however.
* Advise sysadmins to run vsftpd from inetd or xinetd. This also goes
against current trends, however, since all flavors of inetd seem to
be dying out.
* Use setsockopt(..., IPPROTO_IPV6, IPV6_V6ONLY, ...) to set
IPV6_V6ONLY to 0 on the vsftpd socket when listening on IPv6, so as
to request binding on IPv4 only. Or, even better, make this an
option. This would be my preferred solution.
* Allow vsftpd to run with both listen and listen_ipv6.
--
David A. Madore
( http://www.madore.org/~david/ )
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
