Interested parties about FSP please email to Radim Kolar hsn at sendmail.cz visit our homepage on http://fsp.sourceforge.net/ and join us! For more than 7 years benefits of FSP protocol were unnoticed and FSP software was not maintained... FSP today Written by Radim Kolar Protocol related FSP uses UDP datagrams and it is reliable even when there is high number of packet loss. It is usable on WiFi network with 60%-80% packet loss. FSP can very quickly addapt to changing line condition. This is excelent for wireless packet networks. FSP needs about 6 RTT to retune itself after receiving condition goes worse. And unlike TCP based protocols, FSP has a fast restart when line improves - It do not needs any RTT; FSP goes immediatly to maximum possible speed. Maximum FSP speed is by design lower than maximum speed of TCP based protocols because it has only 1 packet in the network. TCP protocol has about 3 packets. Design of FSP protocol makes impossible to send more than 1 packet into network. This is nice method for bandwidth protection. FSP server do not sends any data out unless is asked for. This solves problem with transfering duplicate data when using TCP protocol on overloaded lines. About 30% are dupes, thrown out by client. Note: TCP stacks from BSD family has this dupe ratio much lower. Embedded devices FSP protocol is very easy to implement; client core has about one page of C code. It is ideal for embedded devices for file-transfer tasks, like firmware downloading. Because of its simplicity, there is a little chance to writing buggy implementation. FSP is also good for remote booting. It is simplier than TFTP and supports directory listings. FSP protocol can be used as wire-protocol even without using any layer 2 stuff. It operates in degraded mode with extra features disabled. Internet operation UDP ports are not often port scanned today, only one exception is scanning for Windows/Samba file sharing service. Nobody will notice that you are running a fsp server. FSP uses UDP which is unnoticed by many firewalls. FSP server runs on 21 port by default, if you move it to port 53 (dns) even strictly configured firewall can be worked around. You want to run anonymous archive and want to keep lamers out. You want to share something without ruining your valueable bandwidth. You have overloaded archive site. You do want to share large data files (movies, ISO images) on slow (or you do not want to waste valuable bandwidth) lines. Ideal for sharing files on modem lines. FSP daemon is a very light server. What is the purpose of FSP (V2.8.1): Written by A.J.Doherty@reading.ac.uk FSP is a set of programs that implements a public-access archive similar to an anonymous-FTP archive. It is not meant to be a replacement for FTP; it is only meant to do what anonymous-FTP does, but in a manner more acceptable to the provider of the service and more friendly to the clients. Providing anonymous-FTP service can be costly --- each active session consumes one process slot in the OS and one stream socket entry in the network sub-system. The servers can also run concurrently, adding to the system load. A popular archive site can easily be overwhelmed as a result. Some were forced to shutdown and some impose inconvenient access restrictions. Unlike FTP, FSP is connection-less and virtually state-less. One server handles requests from all clients machines. Each active client machine takes up 16-bytes in a dynamically extensible table. Since only one server exists on a server machine at any time, the load added to the server machine is no more than one. In exchange for allowing site operators to keep their sites open and do away with cumbersome access restrictions, this is what the clients accept with FSP: 1) Lower transfer rate. The maximum rate is 1 kbyte per UDP message round-trip time between the client and the server. In addition to the potential for more abundant sites and more accessible sites, this is what the clients gain with FSP: 1) Robustness. Since FSP is connectionless, fluctuations in the network will not abort a FSP transaction. Furthermore, the 16-bytes of data for each client can be regenerated at any point during any transaction. Thus, if the server goes down at any point during a transaction, the transaction will resume when the server is restarted. (like NFS) 2) Friendlier user interface. FSP does not have its own command interpretor like FTP. Since it is connectionless, there is no reason to carry much information from one command to the next, and the commands can all be made into individual Unix programs. For instance, there is one program you run to list the directory and another you run to download a file. 3) Client protection. FSP oversees a directory structure similar to that of an anonymous-FTP. However, a directory created via FSP transaction is owned by the client machine that issued the creation request. The client can create and delete files and subdirectories in that directory. In addition, the client can enable any of the four attributes for that directory: A) Give all other clients the permission to create files. B) Give all other clients the permission to delete files or subdirectories. C) Give all other clients the permission to read files. (this is true by default) D) Give all other clients the permission to create sub- directories. Note: A subdirectory can be deleted if it is empty and the client owns the subdirectory. 4) Server protection. FSP server does not spawn sub-programs. It will accept only paths that are downward relative to its designated working directory. On systems with symbolic links, the server will follow symbolic links, but it does not follow uplinks (".."). Clients cannot create symbolic links and care should be taken so that other users on the server machine cannot create symbolic links in the server's work space. It is also fairly difficult to formulate an attack to force a shutdown of a FSP site by actions of a rogue site. About the only way to disrupt a FSP service is to flood the FSP site with network packets. FSP server prevents itself from 'counter-flooding' by filtering for legitimate requests using the following method: A) Each request message contains a key. For each client, server database contains the keys to be used for the next client request and for the previous client request. B) If the next request does not contain a key that matches either of the two keys, it is accepted only if at least one minute has elapsed since the last time a request is accepted. If the key does match the old key (retransmit by client) it is accepted if the elapse time is greater than 3 seconds. C) Every request message accepted is acknowledged with one reply message. The reply message contains a new key to used for the next request. The new key is computed by the server with a pseudo-random number generator. Flooding is a blatant violation of network etiquette because a site can be subjected to flooding attack whether it has FSP running or not, and flooding congests every link and gateway between the rogue client and the server. As a further measure of protection, the server loads a table of rogue clients on startup. The server will not respond to requests from any of those clients. *********************************************************************** This is a free software. Be creative; make your own macros and tools and let me know of any bugs and suggestions. *********************************************************************** Source code uses several BSD-like licenses; Whole FSP is distributed under 2-point BSD license, also known as MIT X11 License.