Hello,
I'm running a vsFTPd FTP server with virtual users (i.e. users are stored in Berkeley DB and do not exist at OS level). The users are authenticated via /etc/pam.d/ftp:
%PAM-1.0
auth required pam_userdb.so db=/etc/vsftpd/vsftpd-virtual-user account required pam_userdb.so db=/etc/vsftpd/vsftpd-virtual-user
I want to implement an user-level IP filtering via tcp_wrappers, for ex.:
/etc/hosts.deny:
vsftpd: [email protected]
(user 'toto') is a vitrual user.
However, toto can log in to the FTP server from 10.10.10.10:
Status: Connecting to 10.10.10.10:21...
Status: Connection established, waiting for welcome message...
Response: 220 "FTP server"
Command: USER toto
Response: 331 Please specify the password.
Command: PASS ********
Response: 230 Login successful.
Status: Connected
How to make vsftpd's virtual users working with tcp_wrappers? how to debug system calls to tcp_wrappers to ensure that vsftpd is passing a correct user name to tcp_wrappers?