per-protocol ip binds; closes #1176

2026-01-12 07:44:08 -07:00 · 2026-01-07 23:27:03 +00:00 · 2026-01-07 23:27:03 +00:00 · 87a5c22a34
parent 7d6e59f347
commit 87a5c22a34
5 changed files with 21 additions and 8 deletions
--- a/copyparty/main.py
+++ b/copyparty/main.py
@ -1429,6 +1429,7 @@ def add_sftp(ap):
    ap2.add_argument("--sftp", metavar="PORT", type=int, default=0, help="enable SFTP server on \033[33mPORT\033[0m, for example \033[32m3922")
    ap2.add_argument("--sftpv", action="store_true", help="verbose")
    ap2.add_argument("--sftpvv", action="store_true", help="verboser")
+    ap2.add_argument("--sftp-i", metavar="IP", type=u, default="-i", help="IPs to listen on (comma-separated list). Set this to override \033[33m-i\033[0m for this protocol")
    ap2.add_argument("--sftp4", action="store_true", help="only listen on IPv4")
    ap2.add_argument("--sftp-key", metavar="U K", type=u, action="append", help="\033[34mREPEATABLE:\033[0m add ssh-key \033[33mK\033[0m for user \033[33mU\033[0m (username, space, key-type, space, base64); if user has multiple keys, then repeat this option for each key\n └─commandline example: --sftp-key 'david ssh-ed25519 AAAAC3NzaC...'\n └─config-file example: sftp-key: david ssh-ed25519 AAAAC3NzaC...")
    ap2.add_argument("--sftp-key2u", action="append", help=argparse.SUPPRESS)
@ -1444,6 +1445,7 @@ def add_ftp(ap):
    ap2.add_argument("--ftp", metavar="PORT", type=int, default=0, help="enable FTP server on \033[33mPORT\033[0m, for example \033[32m3921")
    ap2.add_argument("--ftps", metavar="PORT", type=int, default=0, help="enable FTPS server on \033[33mPORT\033[0m, for example \033[32m3990")
    ap2.add_argument("--ftpv", action="store_true", help="verbose")
+    ap2.add_argument("--ftp-i", metavar="IP", type=u, default="-i", help="IPs to listen on (comma-separated list). Set this to override \033[33m-i\033[0m for this protocol")
    ap2.add_argument("--ftp4", action="store_true", help="only listen on IPv4")
    ap2.add_argument("--ftp-ipa", metavar="CIDR", type=u, default="", help="only accept connections from IP-addresses inside \033[33mCIDR\033[0m (comma-separated); specify [\033[32many\033[0m] to disable inheriting \033[33m--ipa\033[0m / \033[33m--ipar\033[0m. Examples: [\033[32mlan\033[0m] or [\033[32m10.89.0.0/16, 192.168.33.0/24\033[0m]")
    ap2.add_argument("--ftp-no-ow", action="store_true", help="if target file exists, reject upload instead of overwrite")
@ -1468,6 +1470,7 @@ def add_webdav(ap):
 def add_tftp(ap):
    ap2 = ap.add_argument_group("TFTP options (UDP only)")
    ap2.add_argument("--tftp", metavar="PORT", type=int, default=0, help="enable TFTP server on \033[33mPORT\033[0m, for example \033[32m69 \033[0mor \033[32m3969")
+    ap2.add_argument("--tftp-i", metavar="IP", type=u, default="-i", help="IPs to listen on (comma-separated list). Set this to override \033[33m-i\033[0m for this protocol")
    ap2.add_argument("--tftp4", action="store_true", help="only listen on IPv4")
    ap2.add_argument("--tftpv", action="store_true", help="verbose")
    ap2.add_argument("--tftpvv", action="store_true", help="verboser")
@ -1481,6 +1484,7 @@ def add_tftp(ap):
 def add_smb(ap):
    ap2 = ap.add_argument_group("SMB/CIFS options")
    ap2.add_argument("--smb", action="store_true", help="enable smb (read-only) -- this requires running copyparty as root on linux and macos unless \033[33m--smb-port\033[0m is set above 1024 and your OS does port-forwarding from 445 to that.\n\033[1;31mWARNING:\033[0m this protocol is DANGEROUS and buggy! Never expose to the internet!")
+    ap2.add_argument("--smb-i", metavar="IP", type=u, default="-i", help="IPs to listen on (comma-separated list). Set this to override \033[33m-i\033[0m for this protocol")
    ap2.add_argument("--smbw", action="store_true", help="enable write support (please dont)")
    ap2.add_argument("--smb1", action="store_true", help="disable SMBv2, only enable SMBv1 (CIFS)")
    ap2.add_argument("--smb-port", metavar="PORT", type=int, default=445, help="port to listen on -- if you change this value, you must NAT from TCP:445 to this port using iptables or similar")
@ -1491,11 +1495,13 @@ def add_smb(ap):
    ap2.add_argument("--smbvv", action="store_true", help="verboser")
    ap2.add_argument("--smbvvv", action="store_true", help="verbosest")

+
 def add_opds(ap):
    ap2 = ap.add_argument_group("OPDS options")
    ap2.add_argument("--opds", action="store_true", help="enable opds -- allows e-book readers to browse and download files (volflag=opds)")
    ap2.add_argument("--opds-exts", metavar="T,T", type=u, default="epub,cbz,pdf", help="file formats to list in OPDS feeds; leave empty to show everything (volflag=opds_exts)")

+
 def add_handlers(ap):
    ap2 = ap.add_argument_group("handlers (see --help-handlers)")
    ap2.add_argument("--on404", metavar="PY", type=u, action="append", help="\033[34mREPEATABLE:\033[0m handle 404s by executing \033[33mPY\033[0m file")
@ -2150,10 +2156,17 @@ def main(argv: Optional[list[str]] = None) -> None:
        if getattr(al, k1):
            setattr(al, k2, False)

-    if not HAVE_IPV6 and al.i == "::":
-        al.i = "0.0.0.0"
+    protos = "ftp tftp sftp smb".split()
+    opts = ["%s_i" % (zs,) for zs in protos]
+    for opt in opts:
+        if getattr(al, opt) == "-i":
+            setattr(al, opt, al.i)
+    for opt in ["i"] + opts:
+        zs = getattr(al, opt)
+        if not HAVE_IPV6 and zs == "::":
+            zs = "0.0.0.0"
+        setattr(al, opt, [x.strip() for x in zs.split(",")])

-    al.i = [x.strip() for x in al.i.split(",")]
    try:
        if "-" in al.p:
            lo, hi = [int(x) for x in al.p.split("-")]
--- a/copyparty/ftpd.py
+++ b/copyparty/ftpd.py
@ -641,7 +641,7 @@ class Ftpd(object):
        lgr = logging.getLogger("pyftpdlib")
        lgr.setLevel(logging.DEBUG if self.args.ftpv else logging.INFO)

-        ips = self.args.i
+        ips = self.args.ftp_i
        if "::" in ips:
            ips.append("0.0.0.0")

--- a/copyparty/sftpd.py
+++ b/copyparty/sftpd.py
@ -734,7 +734,7 @@ class Sftpd(object):
        self.bound: list[str] = []
        self.sessions = {}

-        ips = args.i
+        ips = args.sftp_i
        if "::" in ips:
            ips.append("0.0.0.0")

@ -780,7 +780,7 @@ class Sftpd(object):
        for ip in ips:
            self._bind(ip)

-        self.log("listening on %s port %s" % (self.bound, args.sftp))
+        self.log("listening @ %s port %s" % (self.bound, args.sftp))

    def log(self, msg: str, c: Union[int, str] = 0) -> None:
        self.hub.log("sftp", msg, c)
--- a/copyparty/smbd.py
+++ b/copyparty/smbd.py
@ -89,7 +89,7 @@ class SMB(object):
        smbserver.isInFileJail = self._is_in_file_jail
        self._disarm()

-        ip = next((x for x in self.args.i if ":" not in x), None)
+        ip = next((x for x in self.args.smb_i if ":" not in x), None)
        if not ip:
            self.log("smb", "IPv6 not supported for SMB; listening on 0.0.0.0", 3)
            ip = "0.0.0.0"
--- a/copyparty/tftpd.py
+++ b/copyparty/tftpd.py
@ -175,7 +175,7 @@ class Tftpd(object):
            p1, p2 = [int(x) for x in self.args.tftp_pr.split("-")]
            ports = list(range(p1, p2 + 1))

-        ips = self.args.i
+        ips = self.args.tftp_i
        if "::" in ips:
            ips.append("0.0.0.0")