# This is an example fspd.conf file. Copy it and edit it to suit your tastes. # Where you see a # in front of a configuration value it indicates that the # value is commented out, (e.g. # conf .fspd.conf below). The text accompanying # the entry will indicate what the value defaults to if it is commented out. # The 'port' command specifies which port the fspd server is to listen too # This is NOT needed if running under inetd, but otherwise is required. # Standard port for FSP is 21, other popular ports are 2001 and 2000. # Please run official FSP sites on port 21. # # If you want a random port from 1024 - 65535 range, set port to 65535 # # ================================================================ # If you want to avoid detection by lamer security scanner nessus # do not use ports: 21, 2000 and 2221. # ================================================================ port 21 # Server can listen only on particular network interface #listenaddress 192.168.1.2 # The 'packetsize' sets maximal data size which will send FSPD in one packet. # FSP definition allows up to 1024 bytes of data (default value) and it is a # recommended to use this value unless there is a reason to use a smaller one. # If your fsp site eats too much bandwidth try smaller value. # !!! If you change this value you must delete all prebuilded directory # listings == .FSP_CONTENT files !!! # packetsize 768 # The 'conf' command allows a global file to read local files so that # multiple users at a site can use the same central fspd file. # # conf .fspd.conf # The 'homedir' command tells the server where it's ROOT directory is. # This directory must be given as an absolute path. # homedir /usr/fsp/data # 'homedir_restricted' off can allow symlinks which goes out of home # directory. homedir_restricted yes # 'use_access_files' if server should check for special .FSP files # in directory and set access rights acording to that. # In most installation, yes is right. Use `no` if people can upload # files starting with .FSP into fsp server homedir. use_access_files yes # 'permit_passwordless_owners' If server allow directory owners without # any password only based on request IP. Because IP can be easily spoofed, # it is recommended to require a password. permit_passwordless_owners off # The 'tmpdir' command controls where the server stores temporary files # during upload or grab. You must have it or server will support # read operations only. This can be absolute or relative path to home # dir. Server will try to create it. # tmpdir /tmp/fsp # The 'pidlogname command controls where we write the fspd pid. pidlogname /var/run/fspd.pid # The 'grabcommand' can turn grab command on or off. grabcommand on # The 'vercommand' can turn fver command on or off. All known FSP scanners # are using this command as detection of FSP presence. # vercommand must be disabled for stealth operation. Yes, lamers sucks. vercommand on # The 'readme' commands specifies the name of the local readme file # for each directory. If no readme command is given, the readme file # defaults to .README # # readme .README # The 'dircache' command controls how much directories listings gets cached. dircache 100 # 'use_prebuild_dirlists' allows to load/save prebuilded directories # listing from filesystem. It is a good idea to allow that. # Do not use on Win32 system. #use_prebuild_dirlists yes # The 'statcache' command controls how many directories are placed into # stat cache. Cache contains last modified time and access rights. statcache 30 # The 'statcache_timeout' command controls how long statcache entries are # valid before directory gets re-examined by stat() statcache_timeout 20 # 'use_directory_mtime'. If your filesystem changes mtime when directory # is updated, set it to YES. If set to NO, directory will be rechecked # after statcache_timeout and dircache entry invalidated. # Do not use on Win32 system. #use_directory_mtime yes # The 'filecache' command controls maximal number of open files by server. # After this limit will be reached, server will close last recently used files. # This do not prevent any number clients from downloading, but file for each # request must be opened first. Setting this lowers open/close overhead. filecache 30 # The 'dumpfile' command tells the server where to log stats on SIGUSR1 # signal. # It can be a relative path from the fspd home directory or an absolute # path. it must include the filename. dumpfile /var/run/fspd.stats # The 'logfile' command tells the server where to log things if # logging is enabled. # It can be a relative path from the fspd home directory or an absolute # path. # it must include the filename. # logfile ../logs/logfile # The 'log' command specifies the type of logging that should be performed. # The log command takes the following options # 'none' or any of 'all', '(!)errors', '(!)version', '(!)getdir', # '(!)getfile', '(!)upload', '(!)install', '(!)delfile', '(!)deldir', # '(!)setpro', '(!)getpro', '(!)makedir', '(!)grabfile',(!)readonly. # logging of 'all' will include logging of errors. # for example: # log all !errors -- will log all commands sent, but no error messages. # log all !getdir -- will log all commands except getdir and all errors # EXCEPT those that occured on a getdir command. # log install getfile errors -- will log all install and getfile commands # as well as any errors that occur on ONLY those commands. # If no log command is given, logging will be turned of (same as 'log none') # log all !readonly #The 'xferlog' command tells server where to use wuftpd compatible #transfer log file. Loging substem currectly do not support #recording of partial transfers. xferlog ../logs/xferlog # The 'thruput' command is used to specify the maximum average # number of bytes per second that the server will transmit. Use # 'thruput off' to specify no through put control. A negative value or # zero will also shut off thruput control. If this command is not given, # it acts like 'thruput off' # # thruput off # The 'setuid' command is used to specify a specific uid under which the # FSP server will run. Use 'setuid off' or 'setuid 0' in order to not # attempt to perform a setuid. If this command is not given, it acts like # 'setuid off'. Using setuid enables you to run the server as a specific # user rather than as root, you may want to do this for security reasons. # If you do this then ensure that the user id you assign to fspd has the # necessary permissions to read and write from the directories you have # assigned elsewhere in this configuration file. # # setuid off # The 'setguid' command is similar to setuid, but sets a group. # setguid off # The 'umask' for uploaded files. Standard octal value. # umask 0033 # The 'serverumask' is used when creating special access files. # serverumask 0077 # The 'daemonize' command specifies whether the fspd should fork itself into # the background when started up. The only acceptable values are 'on' or # 'off'. If this command isn't given, it acts like 'daemonize on'. # # daemonize on # The 'debug' command specifies whether the server should write debugging # output to stderr while it is running. The only acceptable values are 'on' # or 'off'. If this command is never given, it acts like 'debug off'. # # debug off # The 'restricted' command specifies whether the server is run in restricted # mode. In this case, only hosts enabled via the 'host' command will be # able to connect. The only acceptable values for this command are 'on' or # 'off'. If the command isn't given, it acts as 'restricted off'. # # restricted off # The 'reverse_name' command specifies whether the server should refuse # connections to sites that it cannot reverse lookup, that is it cannot # turn the dotted decimal address (1.2.3.4) into a name (a.b.com). The # only acceptable values for this command are 'on' or 'off'. If the # command is not given, it acts like 'reverse_name off' by default. # # reverse_name off # The 'read_only' command specifies whether the server should ignore any # commands that would cause a 'write' action on the server. The commands # that are refused by this are upload, install, mkdir, deldir, delfile, # and setpro. The only acceptable values for this command are 'on' or 'off'. # If the command is not given, it acts like 'read_only off'. # # read_only off # The "host" command can be used to grant or restrict access on a per host # or per group of host basis. You can configure the server to either ignore # particular clients, treat them as normal, or to always return a particular # message to those hosts. Each host configuration line looks as follows: # # host host_mask [host_type message] # # host_mask is either the full numeric or text name of a machine OR # a wildcarded host mask. Wildcarded hostmasks look as follows: # # 128.4.*.*-128.8.*.* -- (* acts as the range 0 - 255) # # The above line would affect all hosts of the form 128.4.*.*, 128.5.*.*, # 128.6.*.*, 128.7.*.* and 128.8.*.*. # # Host masking is only available with numeric hosts, not with text names. # # host_type is one of D, I, or N : # I hosts are ignored # N hosts are treated as normal # D hosts will receive the error string message given as the third parameter # # If host_type isn't specified, the host is treated as ignored or normal # depending on the value of restricted. # # The following line allows all RDG machines (134.225.*.*) access to a site: # # host 134.225.*.* N # # ... while the following would ignore all hosts from RDG: # # host 134.225.*.* I # # ... and the following would return an error message to them all: # # host 134.225.*.* D Sorry You Cannot Access This Site # The "retry" command specifies time in sec, how much time must # pass after new packet with the old KEY from client will be accepted # FSP protocol definition says that must be at least 3 secs, but you # can set this to shorter time and allow faster error recovery. It is # higly recommended to keep it at least 3 seconds. # retry 3 # The "timeout" command specifies how much time must pass after new # packet with wrong KEY number is accepted. FSP definition sets this # to 60 seconds. You can set it to lower value for faster clients # recovery (about 20 sec is fine). # timeout 60