+++ /dev/null
-# Configuration file for frox transparent ftp-proxy.
-
-# Send SIGHUP after editing and it will be reread. This will fail
-# completely if we are chrooted and the config file isn't within the
-# dir we are chrooted to, or if we have dropped priveleges and no
-# longer have permission to read it! We may also no longer have
-# permission to bind to device.
-
-# Address to listen on - default is 0.0.0.0
-#
-# Listen firewall.localnet
-Listen 192.168.2.1
-
-# Port to listen on. Must be supplied.
-#
-Port 12345
-
-# If specified then bind to this device
-#
-BindToDevice eth0
-
-# Specify ranges for local ports to use for outgoing connections and
-# for sending out in PORT commands. By default these are all between
-# 40000 and 50000, but you might want to split them up if you have
-# complicated firewalling rules.
-#
-# ControlPorts 40000-40999
-# PassivePorts 41000-41999
-# ActivePorts 42000-42999
-
-# Number of seconds of no activity before closing session
-# Defaults to 3600
-#
-Timeout 1800
-
-#Maximum number of processes to fork.
-#
-# MaxForks 0 # For debugging -- only one connection may be served.
-MaxForks 10
-
-# User and group to drop priveliges to. Default is not to drop.
-#
-User nobody
-Group nogroup
-
-# Directory to chroot to. Default is not to chroot. Filenames for
-# other options should be within this directory, but specified
-# relative to /.
-#
-# Chroot /usr/local/lib/frox
-
-# Block PORT commands asking data to be sent to ports<1024 and
-# prevent incoming control stream connections from port 20 to
-# help depend against ftp bounce attacks. Defaults to on.
-#
-BounceDefend yes
-
-# If true then only accept data connections from the hosts the control
-# connections are to. Breaks the rfc, and defaults to off.
-#
-# SameAddress yes
-
-# Try to transparently proxy the data connections as well. Not
-# necessary for most clients, and does increase security risks. Read
-# README.transdata for details. Defaults to off.
-#
-# TransparentData yes
-
-# File to log to. Default is stderr
-#
-# LogFile /dev/null
-# LogFile /usr/local/lib/frox/frox-log
-
-# File to store PID in. Default is not to. If this file is not within
-# the Chroot directory then it cannot be deleted on exit, but will
-# otherwise work fine.
-#
-PidFile /var/run/frox.pid
-
-# Caching options. There should be at most one CacheModule line, and
-# Cache lines to give the options for that caching module. CacheModule
-# is HTTP (rewrites ftp requests as HTTP and sends them to a HTTP
-# proxy like squid), or local (cache files locally). The relevant
-# module needs to have been compiled in at compile time. See
-# FAQ for details. If there are no CacheModule lines then no
-# caching will be done.
-#
-# CacheModule local
-# Cache Dir /usr/local/lib/frox/cache/
-# Cache CacheSize 400
-#
-# CacheModule squid
-# Cache HTTPProxy 127.0.0.1:3128
-# Cache MinCacheSize 65536
-
-# Active --> Passive conversion. If set then all outgoing connections
-# from the proxy will be passive FTP, regardless of the type of the
-# connection coming in. This makes firewalling a lot easier. Defaults
-# to no.
-#
-# APConv yes
-
-# Allow non-transparent proxying support. The user can connect
-# directly to frox, and give his username as user@host:port or
-# user@host. Defaults to no
-#
-# DoNTP yes
-
-#########################
-# Access control lists. #
-#########################
-# The format is: "ACL Allow|Deny SRC - DST [PORTS]"
-
-# SRC and DST may be in the form x.x.x.x, x.x.x.x/yy, x.x.x.x/y.y.y.y,
-# a dns name, or * to match everything.
-#
-# PORTS is a list of ports. If specified then the rule will only match
-# if the destination port of the connection is in this list. This is
-# likely only relevant if you are allowing non-transparent proxying of
-# ftp connections (ie. DoNTP is enabled above). Specifying * is equivalent
-# to not specifying anything - all ports will be matched
-#
-# Any connection that matches no rules will be denied. Since there are
-# no rules by default you'll need to add something to let any
-# connections happen at all (look at the last example if you are
-# feeling lazy/not bothered by security).
-#
-# # Examples:
-# # Allow local network to ftp to port 21 only, and block host ftp.evil
-# ACL Deny * - ftp.evil
-# ACL Allow 192.168.0.0/255.255.0.0 - * 21
-#
-# # Allow local network to ftp anywhere except certain dodgy ports. Network
-# # admin's machine can ftp anywhere.
-# ACL Allow admin.localnet - *
-# ACL Deny * - * 1-20,22-1024,6000-6007,7100
-# ACL Allow 192.168.0.0/16 - * *
-#
-# # You don't really believe in this security stuff, and just want
-# # everything to work.
-# ACL Allow * - *
-
projects / packages / frox.git / commitdiff