How can I block vsftpd connection so that it only accepts localhost and local domain connections? In other words, I don't want the internet in general to be able to connect to it.
Add a line:
listen_address=127.0.0.1
to /etc/vsftpd/vsftpd.conf
That should restrict it to connections from localhost.
Change 127.0.0.1 to your LAN IP address if you want it to accept connections from your LAN only. You could connect to your own computer this way but you'd have to use the LAN address rather than "localhost" when connecting.
If you want to allow connections from localhost *and* your LAN then it gets a bit more complicated, e.g. using iptables to restrict incoming connections, or running 2 vsftpd instances, one listening on the localhost address and one on your LAN IP address.
Paul.
