Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Basic FTP server Package for pfSense

    pfSense Packages
    5
    14
    2135
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      u444665 last edited by

      Is there any basic ftp server package for pfsense possible, please?

      I know in some old post their was a way to manually install it, but not possible with new v2.4 version.
      http://rasyid.net/2009/12/15/step-by-step-install-pure-ftp-inside-pfsense/

      Please devs, if that is not too much to ask for basic ftp server package for 2.4.4
      Thanks

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        For the firewall to act as an FTP server? No, never going to happen.

        The firewall is a firewall, not a file server. FTP is a broken and insecure protocol, even with tacked-on things like FTPS.

        That said, you could enable SSH and users could connect with SCP/SFTP, but that should not be exposed to the public because, again, it's a firewall and not a file server.

        If you need a file server, virtualize it inside your network or isolate it on a dedicated device like a Pi. But if at all possible, avoid FTP like the plague it is.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        U 1 Reply Last reply Reply Quote 0
        • U
          u444665 @jimp last edited by

          @jimp said in Basic FTP server Package for pfSense:

          For the firewall to act as an FTP server? No, never going to happen.

          The firewall is a firewall, not a file server. FTP is a broken and insecure protocol, even with tacked-on things like FTPS.

          That said, you could enable SSH and users could connect with SCP/SFTP, but that should not be exposed to the public because, again, it's a firewall and not a file server.

          If you need a file server, virtualize it inside your network or isolate it on a dedicated device like a Pi. But if at all possible, avoid FTP like the plague it is.

          Sorry, I wanted to clarify further. FTP for inside only (LAN side), not on WAN (public).
          Many LoT & other devices support FTP uploads, like CCTV alerts etc that get uploaded to the FTP.

          I am sure by default package only allows source as internal subnet/private IP.

          Thanks

          A 1 Reply Last reply Reply Quote 0
          • jimp
            jimp Rebel Alliance Developer Netgate last edited by

            That is still dangerous and not something that belongs on a firewall.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            U 1 Reply Last reply Reply Quote 0
            • U
              u444665 @jimp last edited by

              @jimp

              On side note, want to know how do I filter outgoing traffic by mac address. I have some devices that try to connect to outside, but want to prevent it.
              IP blocking is not possible as IP address changes all the time... its long story. (DHCP reservation/static does will not work)

              If you are aware of way to block outgoing traffic by MAC, please let me know the steps, could not find it.

              1 Reply Last reply Reply Quote 0
              • jimp
                jimp Rebel Alliance Developer Netgate last edited by

                That's a topic for a new thread as it's unrelated to this subject.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • A
                  akuma1x @u444665 last edited by

                  @u444665 said in Basic FTP server Package for pfSense:

                  Sorry, I wanted to clarify further. FTP for inside only (LAN side), not on WAN (public).
                  Many LoT & other devices support FTP uploads, like CCTV alerts etc that get uploaded to the FTP.

                  If it is in fact internal, inside LAN only, like you posted above, you don't need to run anything on your firewall. All internal LAN traffic, to talk with each other, doesn't touch the firewall at all. To do FTP all you need is a server type program that runs that protocol on a host/computer, and a client on another host/computer to connect to this server computer. It's been that way for at least 20 years, probably longer, since it's such an old tech.

                  Or, are you actually talking about something else? A LAN computer trying to FTP out to the internet, or an internet computer trying to FTP into a LAN computer?

                  Jeff

                  U 1 Reply Last reply Reply Quote 0
                  • U
                    u444665 @akuma1x last edited by

                    @akuma1x
                    pfsense is running on a dedicated PC with 200GB HDD, so would like to setup FTP as well, FTP service does not use that much resource anyway.

                    Btw, ignore mac address filtering, I end up using Captive Portal which works perfectly, as long as you allow all remaining devices 1 by 1.

                    Gertjan 1 Reply Last reply Reply Quote 0
                    • A
                      akuma1x last edited by

                      If you want to take advantage of that one single computer, you should probably virtualize your pfsense software. Then on a different instance, on the same PC, setup your FTP server stuff.

                      Jeff

                      1 Reply Last reply Reply Quote 1
                      • jimp
                        jimp Rebel Alliance Developer Netgate last edited by

                        It doesn't matter how large the storage in the firewall is, that doesn't make it a good idea to use it as a file server. Use a dedicated device, or virtualize everything on the hardware, but preferably use a different device.

                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • A
                          akuma1x last edited by

                          Why don't you get a Raspberry Pi and run an FTP service there?

                          https://www.raspberrypi-spy.co.uk/2018/05/creating-ftp-server-with-raspberry-pi/

                          Besides making a virtual instance of an FTP server on something you already have, like the 200GB server box you're talking about, this is most likely the next "less expensive" option.

                          Jeff

                          NogBadTheBad 1 Reply Last reply Reply Quote 0
                          • NogBadTheBad
                            NogBadTheBad @akuma1x last edited by

                            @akuma1x said in Basic FTP server Package for pfSense:

                            Why don't you get a Raspberry Pi and run an FTP service there?

                            https://www.raspberrypi-spy.co.uk/2018/05/creating-ftp-server-with-raspberry-pi/

                            Besides making a virtual instance of an FTP server on something you already have, like the 200GB server box you're talking about, this is most likely the next "less expensive" option.

                            Jeff

                            It's what I do ☺

                            I'd be tempted to use sftp rather than ftp.

                            Andy

                            1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                            A 1 Reply Last reply Reply Quote 0
                            • A
                              akuma1x @NogBadTheBad last edited by

                              @NogBadTheBad said in Basic FTP server Package for pfSense:

                              I'd be tempted to use sftp rather than ftp.

                              Well, yes, of course...

                              His CCTV doo-dads he mentions might or might not support that protocol, however. Who knows.

                              Jeff

                              1 Reply Last reply Reply Quote 0
                              • Gertjan
                                Gertjan @u444665 last edited by

                                @u444665 said in Basic FTP server Package for pfSense:

                                using Captive Portal which works perfectly, as long as you allow all remaining devices 1 by 1.

                                Normally ..... a captive portal should be run on a dedicated interface (OPTx).
                                Everybody on the 'non-trusted' captive portal interface and up to you if they 'merit' a place on a more trusted LAN (OPTy) interface.
                                Or even LAN - if they are really trustworthy.

                                No "help me" PM's please. Use the forum.

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post