diff --git a/fspd.conf b/fspd.conf new file mode 100644 index 0000000..4c752f0 --- /dev/null +++ b/fspd.conf @@ -0,0 +1,231 @@ +# This is an example fspd.conf file. Copy it and edit it to suit your tastes. +# Where you see a # in front of a configuration value it indicates that the +# value is commented out, (e.g. # conf .fspd.conf below). The text accompanying +# the entry will indicate what the value defaults to if it is commented out. + +# The 'port' command specifies which port the fspd server is to listen too +# This is NOT needed if running under inetd, but otherwise is required. +# Standard port for FSP is 21, other popular ports are 2001 and 2000. +# Please run official FSP sites on port 21. +# If you want a random port from 1024 - 65535 range, set port to 65535 +# +port 21 + +# The 'packetsize' sets maximal data size which will send FSPD in one +# packet. FSP definition allows up to 1024 bytes of data and it is a +# recommended to use this value unless there is a reason to use a smaller +# one. If your fsp site eats too much bandwidth try smaller value. +# !! If you change this value you must delete all .FSP_CONTENT files !! +# packetsize 768 + +# The 'conf' command allows a global file to read local files so that +# multiple users at a site can use the same central fspd file. +# +# conf .fspd.conf + +# The 'homedir' command tells the server where it's ROOT directory is. +# This directory must be given as an absolute path. +# +homedir /usr/fsp/data + +# 'homedir_restricted' off can allow symlinks which goes out of home +# directory. +homedir_restricted yes + +# 'use_access_files' if server should check for special .FSP files +# in directory and set access rights acording to that. +use_access_files yes + +# 'permit_passwordless_owners' If server allow directory owners without +# any password only based on request IP. Because IP can be easily spoofed, +# it is recommended to require a password. +permit_passwordless_owners off + +# The 'tmpdir' command controls where the server stores temporary files +# during upload or grab. +# +tmpdir /tmp/fsp + +# The 'grabcommand' can turn grab command on or off. +grabcommand on + +# The 'vercommand' can turn fver command on or off. Many FSP scanners +# are using this command as detection of FSP presence +vercommand on + +# The 'readme' commands specifies the name of the local readme file +# for each directory. If no readme command is given, the readme file +# defaults to .README +# +# readme .README + +# The 'dircache' command controls how much directories listings gets cached. +dircache 50 + +# 'use_prebuild_dirlists' allows to load/save prebuilded directories +# listing from filesystem. It is a good idea to allow that. +# Win32: Set to NO +use_prebuild_dirlists yes + +# The 'statcache' command controls how many directories are placed into +# stat cache. Cache contains last modified time and access rights. +statcache 30 + +# The 'statcache_timeout' command controls how long statcache entries are +# valid before directory gets re-examined by stat() +statcache_timeout 15 + +# 'use_directory_mtime'. If your filesystem changes mtime when directory +# is updated, set it to YES. If set to NO, directory will be rechecked +# after statcache_timeout and dircache entry invalidated. +# Win32: Set to NO +use_directory_mtime yes + +# The 'filecache' command controls maximal number of open files by server. +# After this limit will be reached, server will close last recently used files. +# This do not prevent any number clients from downloading, but file for each +# request must be opened first. Setting this lower open/close overhead. +filecache 30 + +# The 'dumpfile' command tells the server where to log stats on SIGUSR1 +# signal. +# It can be a relative path from the fspd home directory or an absolute +# path. it must include the filename. +dumpfile /var/run/fspd.stats + +# The 'logfile' command tells the server where to log things if +# logging is enabled. +# It can be a relative path from the fspd home directory or an absolute +# path. +# it must include the filename. +# +logfile ../logs/logfile + +# The 'log' command specifies the type of logging that should be performed. +# The log command takes the following options +# 'none' or any of 'all', '(!)errors', '(!)version', '(!)getdir', +# '(!)getfile', '(!)upload', '(!)install', '(!)delfile', '(!)deldir', +# '(!)setpro', '(!)getpro', '(!)makedir', '(!)grabfile',(!)readonly. +# logging of 'all' will include logging of errors. +# for example: +# log all !errors -- will log all commands sent, but no error messages. +# log all !getdir -- will log all commands except getdir and all errors +# EXCEPT those that occured on a getdir command. +# log install getfile errors -- will log all install and getfile commands +# as well as any errors that occur on ONLY those commands. +# If no log command is given, logging will be turned of (same as 'log none') +# +log all + +# The 'thruput' command is used to specify the maximum average +# number of bytes per second that the server will transmit. Use +# 'thruput off' to specify no through put control. A negative value or +# zero will also shut off thruput control. If this command is not given, +# it acts like 'thruput off' +# +# thruput off + +# The 'setuid' command is used to specify a specific uid under which the +# FSP server will run. Use 'setuid off' or 'setuid 0' in order to not +# attempt to perform a setuid. If this command is not given, it acts like +# 'setuid off'. Using setuid enables you to run the server as a specific +# user rather than as root, you may want to do this for security reasons. +# If you do this then ensure that the user id you assign to fspd has the +# necessary permissions to read and write from the directories you have +# assigned elsewhere in this configuration file. +# +# setuid off + +# The 'setguid' command is similar to setuid, but sets a group. +# setguid off + +# The 'umask' for uploaded files. Standard octal value. +# umask 0033 + +# The 'serverumask' is used when creating special access files. +# serverumask 0077 + +# The 'daemonize' command specifies whether the fspd should fork itself into +# the background when started up. The only acceptable values are 'on' or +# 'off'. If this command isn't given, it acts like 'daemonize on'. +# +# daemonize on + +# The 'debug' command specifies whether the server should write debugging +# output to stderr while it is running. The only acceptable values are 'on' +# or 'off'. If this command is never given, it acts like 'debug off'. +# +# debug off + +# The 'restricted' command specifies whether the server is run in restricted +# mode. In this case, only hosts enabled via the 'host' command will be +# able to connect. The only acceptable values for this command are 'on' or +# 'off'. If the command isn't given, it acts as 'restricted off'. +# +# restricted off + +# The 'reverse_name' command specifies whether the server should refuse +# connections to sites that it cannot reverse lookup, that is it cannot +# turn the dotted decimal address (1.2.3.4) into a name (a.b.com). The +# only acceptable values for this command are 'on' or 'off'. If the +# command is not given, it acts like 'reverse_name off' by default. +# +# reverse_name off + +# The 'read_only' command specifies whether the server should ignore any +# commands that would cause a 'write' action on the server. The commands +# that are refused by this are upload, install, mkdir, deldir, delfile, +# and setpro. The only acceptable values for this command are 'on' or 'off'. +# If the command is not given, it acts like 'read_only off'. +# +# read_only off + +# The "host" command can be used to grant or restrict access on a per host +# or per group of host basis. You can configure the server to either ignore +# particular clients, treat them as normal, or to always return a particular +# message to those hosts. Each host configuration line looks as follows: +# +# host host_mask [host_type message] +# +# host_mask is either the full numeric or text name of a machine OR +# a wildcarded host mask. Wildcarded hostmasks look as follows: +# +# 128.4.*.*-128.8.*.* -- (* acts as the range 0 - 255) +# +# The above line would affect all hosts of the form 128.4.*.*, 128.5.*.*, +# 128.6.*.*, 128.7.*.* and 128.8.*.*. +# +# Host masking is only available with numeric hosts, not with text names. +# +# host_type is one of D, I, or N : +# I hosts are ignored +# N hosts are treated as normal +# D hosts will receive the error string message given as the third parameter +# +# If host_type isn't specified, the host is treated as ignored or normal +# depending on the value of restricted. +# +# The following line allows all RDG machines (134.225.*.*) access to a site: +# +# host 134.225.*.* N +# +# ... while the following would ignore all hosts from RDG: +# +# host 134.225.*.* I +# +# ... and the following would return an error message to them all: +# +# host 134.225.*.* D Sorry You Cannot Access This Site + +# The "retry" command specifies time in sec, how much time must +# pass after new packet with the old KEY from client will be accepted +# FSP protocol definition says that must be at least 3 secs, but you +# can set this to shorter time and allow faster error recovery. It is +# higly recommended to keep 3 seconds. +# retry 3 + +# The "timeout" command specifies how much time must pass after new +# packet with wrong KEY number is accepted. FSP definition sets this +# to 60 seconds. + +# timeout 60