Avissar Software
 
 Dftpd Configuration

Dftpd Configuration
allow_fxp_pasv allow_fxp_port allow_service_ports auth_mode bind_ip
cscript custom datapath default_homedir dupe_check
fs_sync_freq ignore_type log_access_format log_access_name log_date_format
log_prog_format log_prog_name login_prompt max_users nuke_empty
nuke_mult_max nukedir_style pasv_port_range resolve_dns rootpath
server_ip server_port server_sslport shutdown site_cmd
site_flags site_ip sitename_long sitename_short speed_limit


All Configuration Parameters
allow_fxp_pasv <*|flag|-user|=group>

Specifies who is allowed to use FXP for passive transfers (PASV).
Users that are allowed to use FXP can make data connections on
a different IP address than their control connection. Use
"allow_fxp_pasv 0" to completely disable FXP for passive transfers.

NOTE:  Passive FXP must be enabled on servers that allow remote
  connections.
EXAMPLE:  allow_fxp_pasv 1 2 =SiteOps =STAFF -admin
  This will allow passive mode FXP to be used by users with
  the flags 1 or 2, in the SiteOps or STAFF group, or the
  user named admin.
  allow_fxp_pasv !8 *
  This will allow passive mode FXP to be used by all users
  except users with the 8 flag.

back
allow_fxp_port <*|flag|-user|=group>

Same as allow_fxp_pasv except applies to active transfers (PORT).

back
allow_service_ports <0|1>

Sets if the PORT command (active mode transfers) can specify a data
port below 1024 (standard service ports range).
If allow_service_ports is set to 0, the PORT command will only allow
ports greater than 1024 to be used.

back
auth_mode <0|1>

Authentication mode.
0 = allow clear and SSL connections
1 = allow SSL connections only

back
bind_ip <xxx.xxx.xxx.xxx>

The IP address the server should listen on (bind to). By default the
server will listen on all IPs (bind to all IPs).
NOTE:  The IP must be in dotted notation (Ex. 127.0.0.1).
  The server must be restarted to change this.

back
cscript <cmd name> <when to run> <path/filename>

Custom scripts (or binaries) to be executed before/after any command.
The first parameter is the name of the command before/after which to
execute the script. The second parameter can be either "pre" or "post",
to run before or after, respectively. The third parameter is the full
path to the script to be executed, relative to the rootpath of the site.
If using a command with a space in it, like a SITE command, you need
to use "[:space:]" between the words (Ex: SITE[:space:]WHO).
Both "pre" and "post" scripts will be passed 4 parameters:
$1 = full command string the user used
$2 = user's login name
$3 = user's group
$4 = user's absolute CWD path
"Post" scripts cannot echo anything to the client --they are executed
after the response is sent to the client. If the last line echoed by
a "pre" script starts with "4xx" or "5xx", or if the script can't be
executed, the FTP command that should run after the script will not be
executed. Any lines that are echoed by a "pre" script should contain
the proper FTP prefix code. In general successful results should start
with "2xx" and failure should start with "5xx" (Ex. "200- Success").
Also, when multiple lines are sent back to the client, the intermediate
lines should start with "xxx-" (Ex. 200- success) and the final line
should start with "xxx " (Ex. 500 Error). Only error responses should
contain a final line since successful responses will be followed by the
response to the FTP command that was specified.
NOTE:  EXEC commands that specify a file ending in .sh will be passed
  to the "bash" program. Files with any other extension will be
  run as a binary.

back
custom <cmd name> <*|flag|-user|=group>

Sets the permissions for a custom SITE command. After a command is
specified with site_cmd the permissions for the custom command should
be set with "custom".
NOTE:  When using the IS mode, only the specified permissions are used.
  The permissions for the internal command will not be applied.
Example1:  site_cmd L MYUSERS IS USERS
  custom MYUSERS *
(In this example all users will be allowed to use the "SITE MYUSERS"
 command. However, the permissions for "SITE USERS" will remain
 unchanged.)
Example2:  site_cmd L TEST EXEC /bin/test.sh arg1[:space:]arg2
  custom test =SiteOps 1 2 -admin

back
datapath <data directory path>

Path to the server data --always relative to the "rootpath".

back
default_homedir <home directory path>

default_homedir is used to set the homedir for newly created users.
If the path starts with "./", the path will be taken relative to the
rootpath. Otherwise the path will be treated as absolute.

back
dupe_check <ndays>

Sets the number of days back to check for dupes. Setting dupe_check
to 0 will disable dupe-checking. Dupe checking is always case insensitive.

back
fs_sync_freq <minutes>

Filesystem synchronization cycle time (minutes). This is the
frequency at which the filesystem in memory will be synchronized with
the *.fs files (located in ROOTPATH/fs). This operation can also be
performed manually using the "SITE FSSYNC" command (must be siteop).
If fs_sync_freq is set to 0, synchronization will only be done when
the server is stopped.

back
ignore_type <filemask> [<filemask> ...]

Specifies filemasks for files that should not be added to the dupe log.
Dupe checking will not apply to these files. Use [:space:] to enter
filemasks with spaces. The mask are always treated as case insensitive.
Multiple ignore_type commands can be used.

back
log_access_format <format string>

Formatting string for the access log file
  %d -> date (format is specified using log_date_format)
  %s -> server IP
  %l -> server listening port
  %c -> client IP
  %p -> client port
  %u -> user name
  %m -> FTP command (method)
  %a -> argument to the command
  %r -> 3-digit response code from the server
  %t -> response text from the server

back
log_access_name <access log name>

Access log file name.
Uses the same format options as log_date_format.

Example: log_access_name %d%m%Y_access.log

back
log_date_format <format string>

Formatting string for the log date field
  %a = abbreviated weekday name according to the current locale
  %A = full weekday name according to the current locale
  %b = abbreviated month name according to the current locale
  %B = full month name according to the current locale
  %d = day of the month as a decimal number (range 01 to 31)
  %H = hour as a decimal number using a 24-hour clock (range 00 to 23)
  %I = hour as a decimal number using a 12-hour clock (range 01 to 12)
  %j = day of the year as a decimal number (range 001 to 366)
  %m = month as a decimal number (range 01 to 12)
  %p = current locale's AM/PM. indicator for 12-hour clock
  %S = second as a decimal number (range 00 to 61)
  %w = day of the week as a decimal, range 0 to 6, Sunday being 0
  %y = year as a decimal number without a century (range 00 to 99)
  %Y = year as a decimal number including the century
  %z = time-zone as hour offset from GMT
  %Z = time zone or name or abbreviation
  %O = display the 5-digit (w/ + or -) UTC offset in minutes (Ex. EST -> -0300)
  %% = A literal `%' character

back
log_prog_format <format string>

Formatting string for the program log file
  %D -> date (format is specified using log_date_format)
  %S -> sub-system (where in the prog the log is coming from)
  %M -> message (message that is passed in)

back
log_prog_name <program log name>

Program log file name.
Uses the same format options as log_date_format.

back
login_prompt <login string>

Login prompt to display to the user.

back
max_users <max users> <max when full>

Max number of users allowed on the site, max allowed when full
(must have flag 1 or 4).

back
nuke_empty <kbytes>

The amount of kbytes that will be removed from the user if
the nuked directory is empty.

back
nuke_mult_max <multiplier>

The highest multiplier a nuker can use. If nuke_mult_max is set
to 0, there is no limit.

back
nukedir_style <prefix> <0|1|2> <kbytes>

Settings for site NUKE command. The first parameter is a prefix string
to use for nuked directories (Ex. NUKED-). The prefix string is added
to the directory name when it is nuked. The second parameter specifies
how the nuke command should behave. 0 -> delete all nuked directories
(permanently removes all files and dirs). 1 -> delete all files, but
keep directories. 2 -> keep files and directories. Using 2 enables
unnuke to restore the nuked directory. The third parameter is used to
determine if a directory should be treated as empty. If the total size
of the files in the directory are less than or equal to this value, the
directory will be treated as empty.
back
pasv_port_range <low> <high>

Range of ports to use for PASV mode data connections (default = any port).
If <high> is 0 any port will be used (OS will assign ports).
NOTE:  When a range of ports is specified with the "pasv_port_range" option,
  only <high>-<low>+1 data connections will be able to be made at one
  time. Also, <low> should be at least greater than 1024 to avoid
  conflicts with standard services (in general make <low> > 5000).

back
resolve_dns <0|1>

Will resolve an IP. If set to 0 will not bother resolving the IPs to names.

back
rootpath <full path to Dftpd root>

The root path of the server.
This must come before all other relative paths.

back
server_ip <xxx.xxx.xxx.xxx>

IP address the server should use when making data connections
(this will be the address returned in the PASV command).
This is useful when the server is behind a firewall and is assigned an
internal IP address.
By default the IP address of the network interface the client is
connected to is used.

Example: server_ip 66.149.100.243

back
server_port <port>

Port the server will listen on (default 21).
NOTE: The server must be restarted to change this.

back
server_sslport <port>

Port the implicit SSL server will listen on.
By default the server will not listen for implicit SSL connections.
The standard implicit SSL listening port is 990.
NOTE: The server must be restarted to change this.

back
shutdown <0|1|2>

Server shutdown: 1=deny all but siteops, 2=deny all, 0=sever open

back
site_cmd <remote mode> <cmd name> <exec/text/is> <filename> [optional arg]

Used to define a custom SITE command. There is no limit to how many
site_cmd can be specified. The first argument can be D, G, or L:
  D -> the command should be forwarded to aliased (remote) DFTPD sites.
  G -> the command should be forwarded to any aliased site.
  L -> the command should not be forwarded (local only).
The second argument for "site_cmd" is the name of the custom command.
The name of the custom command can only be 1 word --with no spaces.
The command name is not case sensitive. The third parameter can be one
of three posibilities:
  EXEC will execute a script/binary.
  TEXT will display a text file.
  IS will execute the internal SITE command specified afterwards.
The fourth parameter is the name of the script/binary, text file, or
internal command depending on the type of custom command. The path for
the fourth parameter is relative to the root directory (rootpath). A
fifth argument is only used with the EXEC and IS options to specify
arguments to pass to the script/binary or internal command. If multiple
arguments need to be passed, use [:space:] between the arguments.
NOTE:  EXEC commands that specify a file ending in .sh will be passed
  to the "bash" program. Files with any other extension will be
  run as a binary.

Example: site_cmd L TEST EXEC /bin/test.sh arg1[:space:]arg2

back
site_flags <SITE command> <flags>

The first argument specifies the SITE command to set flags for. The
remaining arguments specify the flags required to access the command.
The flags arguments can also specify specific users and groups to
allow/disallow. To specify a user use -<username> to specify a group
use =<groupname>. '*' is used to specify all users. To disallow
flags, users, or groups add a '!' before the flag, username, or
groupname. The flags are processed in order (from left to right) until
a match is found (either allow or disallow). For example, specifying
"!8 *" will first reject any user with the '8' flag and then allow
anybody else. The flags specified with site_flags will replace the
default flags for the command.

back
site_ip <xxx.xxx.xxx.xxx>

IP address used to identify the server when making remote connections
to other DFTPD servers.
By default the IP address of the first network interface is used
(not 127.0.0.1).

Example: server_ip 66.149.100.243

back
sitename_long <long site name>

Long name for the site.

back
sitename_short <short site name>

Short name for the site.

back
speed_limit <DL_LIMIT> <UP_LIMIT>

Max transfer speed, in Kb/sec, for the site (0 = unlimited).

back