#The given values are only examples, modify this file for your own needs.
user global {
-
- #Saying no here makes the server unaccessable.
- SERVER_ENABLED=yes
+ #If set to no, access is allowed.
+ #If set to yes, access is denied without giving a reason.
+ #If set to anything else, access is denied giving the content of this variable as a reason.
+ DENY_LOGIN="no"
#If SERVER_ENABLED is not set to yes, you can give a reason for the server
#shutdown here, or just say 'none'.
DISABLE_REASON=none
+ #If PORT data connections should be opened from port 20, say yes here. You
+ #will probably need this if your server is behind a firewall that restricts
+ #outgoing packets from ports higher than 1024. Note that this may be a
+ #security hole, as the server can not drop its root privileges completely
+ #if you say yes here.
+ DATAPORT20="no"
+
+ #You can force bftpd to use a specific port range in passive mode.
+ #If none of the given ports could be bound, the connection is
+ #is refused. If you want to bind any free port in that case, add
+ #"0" to the list.
+ #PASSIVE_PORTS="10000,12000-12100,13000"
+ PASSIVE_PORTS="0"
+
+ #The password for the administration commands, encrypted (man mkpasswd).
+ ADMIN_PASS="x"
+
+ #With this option, you can put your entire FTP environment into a chroot
+ #jail. Apart from security, this offers you the possibility of having
+ #virtual users that don't exist in the system.
+ #INITIAL_CHROOT="/ftp"
+
+ #This option controls the buffer size while transferring files.
+ #If you are on a very fast network (fast meaning 100 Mbit/s or more),
+ #you should set this to 64000 or something like that.
+ #Transferring from localhost to localhost, I had a transfer speed of
+ #approx. 15 MB/s with XFER_BUFSIZE=2048 and a speed of approx. 20 MB/s
+ #with XFER_BUFSIZE=64000. You should not set big values for this if you have
+ #slow (dialup) clients.
+ XFER_BUFSIZE="2048"
+
+ #When set to yes, this option makes the server allow data connections which
+ #don't go to the client who initiated them.
+ #This is needed for FXP.
+ ALLOW_FXP="no"
+
+ #With the option ALLOWCOMMAND_XXXX, you can disable the command XXXX.
+ #For example, if you don't want any user to delete files, you can do
+ #ALLOWCOMMAND_DELE=no
+ #Of course, you can disable it for specific users by writing the appropiate
+ #lines into the user structures.
+ ALLOWCOMMAND_DELE="yes"
+ ALLOWCOMMAND_STOR="yes"
+ ALLOWCOMMAND_SITE="yes"
+
+ #After how many seconds of idle time should a user be kicked from the server?
+ CONTROL_TIMEOUT="300"
+
+ #After how many seconds of idle time should a user be kicked from the server
+ #during a file transfer?
+ DATA_TIMEOUT="30"
+
#Use Ratio if you want the client to send a file before he can get a file.
#Usage: RATIO=send/receive or RATIO=none. Example: RATIO=2/1 lets the client
#receive a 1 MB file when he has sent a 2 MB file.
#ROOTDIR specifies the root directory of the client. It defaults to %h
#(user's home directory). %u is replaced by the user name.
- ROOTDIR=%h
+ ROOTDIR="%h"
#Umask for the files or directories users create.
UMASK=022
#Name of the log file. Specify "syslog" (without quotes) to log into syslog.
- LOGFILE=syslog
+ LOGFILE="/var/log/bftpd.log"
#Use %v for version, %h for the server FQDN and %i for the server IP address.
HELLO_STRING=bftpd %v at %h(%i) ready.
+ #Path to the message of the day, seen by all users before login.
+ MOTD_GLOBAL="/etc/ftpmotd"
+
+ #Path to the message of the day, seen after login, relative to the root
+ #path of the user (see ROOTDIR).
+ MOTD_USER="/.ftpmotd"
+
+ #What message should be used as reply for the QUIT command?
+ QUIT_MSG="See you later..."
+
#Authentication type, values: PAM, PASSWD
AUTH=PAM
#long to connect.
RESOLVE_CLIENT_IP=no
- #Path to the message of the day, seen by all users before login.
- MOTD_GLOBAL=/etc/ftpmotd
-
- #Path to the message of the day, seen after login, relative to the root
- #path of the user (see ROOTDIR).
- MOTD_USER=/.ftpmotd
-
#If RESOLVE_UIDS is enabled, in directory lists the user and group names
#are shown instead of UID/GID. This may slow down directory listings.
RESOLVE_UIDS=yes
- #You can enable/disable SITE commands here.
- ENABLE_SITE=no
-
#If DO_CHROOT is enabled, a user can not access directories other than his
#HOMEDIR and its subdirectories. DON'T disable this globally if you don't
#want to have a security hole!
#its IP address here. Else enter 'any'. This option only works in standalone
#mode.
BIND_TO_ADDR=any
+
+ #Path to the ftpusers file. It can contain user names that are denied.
+ #If it does not exist, every user can log in. If you don't want this,
+ #just put a nonexistent filename here.
+ PATH_FTPUSERS="/etc/ftpd/ftpusers"
}
user ftp {