| Line | Revision | Contents |
| 1 | 40 | # This is an example fspd.conf file. Copy it and edit it to suit your tastes. |
| 2 | # Where you see a # in front of a configuration value it indicates that the | |
| 3 | # value is commented out, (e.g. # conf .fspd.conf below). The text accompanying | |
| 4 | # the entry will indicate what the value defaults to if it is commented out. | |
| 5 | ||
| 6 | # The 'port' command specifies which port the fspd server is to listen too | |
| 7 | # This is NOT needed if running under inetd, but otherwise is required. | |
| 8 | # Standard port for FSP is 21, other popular ports are 2001 and 2000. | |
| 9 | # Please run official FSP sites on port 21. | |
| 10 | 113 | # |
| 11 | 40 | # If you want a random port from 1024 - 65535 range, set port to 65535 |
| 12 | 113 | # |
| 13 | # ================================================================ | |
| 14 | # If you want to avoid detection by lamer security scanner nessus | |
| 15 | # do not use ports: 21, 2000 and 2221. | |
| 16 | # ================================================================ | |
| 17 | 40 | port 21 |
| 18 | ||
| 19 | 110 | # Server can listen only on particular network interface |
| 20 | #listenaddress 192.168.1.2 | |
| 21 | ||
| 22 | 83 | # The 'packetsize' sets maximal data size which will send FSPD in one packet. |
| 23 | # FSP definition allows up to 1024 bytes of data (default value) and it is a | |
| 24 | # recommended to use this value unless there is a reason to use a smaller one. | |
| 25 | 144 | # If your FSP site eats too much bandwidth try smaller value. |
| 26 | 124 | # |
| 27 | 144 | # You could try larger values. All networks are required to transfer 500 bytes |
| 28 | # long UDP packets. Almost all networks today works with 1300 and most with | |
| 29 | # 1400. On Ethernet you can go to 1460. Larger values are possible, but FSP | |
| 30 | # packet will be split into 2 or more IP packets which lowers reliability of | |
| 31 | # file transfers but you can get some speed gain. | |
| 32 | 124 | # |
| 33 | # Packets > 1024 bytes are never send out unless client requests them. | |
| 34 | 144 | # 12 byte long FSP header size is not included in packetsize. |
| 35 | 124 | # |
| 36 | 144 | # !!! If you change this value in 64-1024 range you must delete all prebuilded |
| 37 | # directory listings stored in .FSP_CONTENT files !!! | |
| 38 | 124 | |
| 39 | 40 | # packetsize 768 |
| 40 | ||
| 41 | # The 'conf' command allows a global file to read local files so that | |
| 42 | # multiple users at a site can use the same central fspd file. | |
| 43 | # | |
| 44 | # conf .fspd.conf | |
| 45 | ||
| 46 | # The 'homedir' command tells the server where it's ROOT directory is. | |
| 47 | # This directory must be given as an absolute path. | |
| 48 | # | |
| 49 | homedir /usr/fsp/data | |
| 50 | ||
| 51 | # 'homedir_restricted' off can allow symlinks which goes out of home | |
| 52 | # directory. | |
| 53 | homedir_restricted yes | |
| 54 | ||
| 55 | # 'use_access_files' if server should check for special .FSP files | |
| 56 | 144 | # in directory and set access rights according to that. |
| 57 | 113 | # In most installation, yes is right. Use `no` if people can upload |
| 58 | 110 | # files starting with .FSP into fsp server homedir. |
| 59 | 40 | use_access_files yes |
| 60 | ||
| 61 | # 'permit_passwordless_owners' If server allow directory owners without | |
| 62 | # any password only based on request IP. Because IP can be easily spoofed, | |
| 63 | # it is recommended to require a password. | |
| 64 | permit_passwordless_owners off | |
| 65 | ||
| 66 | # The 'tmpdir' command controls where the server stores temporary files | |
| 67 | 105 | # during upload or grab. You must have it or server will support |
| 68 | # read operations only. This can be absolute or relative path to home | |
| 69 | # dir. Server will try to create it. | |
| 70 | 40 | # |
| 71 | tmpdir /tmp/fsp | |
| 72 | ||
| 73 | 105 | # The 'pidlogname command controls where we write the fspd pid. |
| 74 | 94 | pidlogname /var/run/fspd.pid |
| 75 | ||
| 76 | 40 | # The 'grabcommand' can turn grab command on or off. |
| 77 | grabcommand on | |
| 78 | ||
| 79 | 113 | # The 'vercommand' can turn fver command on or off. All known FSP scanners |
| 80 | 129 | # are using this command for detection of FSP server presence. |
| 81 | 113 | # vercommand must be disabled for stealth operation. Yes, lamers sucks. |
| 82 | 40 | vercommand on |
| 83 | ||
| 84 | # The 'readme' commands specifies the name of the local readme file | |
| 85 | # for each directory. If no readme command is given, the readme file | |
| 86 | # defaults to .README | |
| 87 | # | |
| 88 | # readme .README | |
| 89 | ||
| 90 | # The 'dircache' command controls how much directories listings gets cached. | |
| 91 | 105 | dircache 100 |
| 92 | 40 | |
| 93 | # 'use_prebuild_dirlists' allows to load/save prebuilded directories | |
| 94 | 114 | # listing from filesystem. It is a good idea to allow that, because it |
| 95 | # helps server performance. Disable it only if you dislike .FSP_CONTENT | |
| 96 | # file in every directory. | |
| 97 | # Do not use on Win32 system! | |
| 98 | 105 | #use_prebuild_dirlists yes |
| 99 | 40 | |
| 100 | # The 'statcache' command controls how many directories are placed into | |
| 101 | # stat cache. Cache contains last modified time and access rights. | |
| 102 | statcache 30 | |
| 103 | ||
| 104 | # The 'statcache_timeout' command controls how long statcache entries are | |
| 105 | # valid before directory gets re-examined by stat() | |
| 106 | 110 | statcache_timeout 20 |
| 107 | 40 | |
| 108 | # 'use_directory_mtime'. If your filesystem changes mtime when directory | |
| 109 | # is updated, set it to YES. If set to NO, directory will be rechecked | |
| 110 | # after statcache_timeout and dircache entry invalidated. | |
| 111 | 105 | # Do not use on Win32 system. |
| 112 | #use_directory_mtime yes | |
| 113 | 40 | |
| 114 | # The 'filecache' command controls maximal number of open files by server. | |
| 115 | # After this limit will be reached, server will close last recently used files. | |
| 116 | # This do not prevent any number clients from downloading, but file for each | |
| 117 | 110 | # request must be opened first. Setting this lowers open/close overhead. |
| 118 | 40 | filecache 30 |
| 119 | ||
| 120 | # The 'dumpfile' command tells the server where to log stats on SIGUSR1 | |
| 121 | # signal. | |
| 122 | # It can be a relative path from the fspd home directory or an absolute | |
| 123 | # path. it must include the filename. | |
| 124 | dumpfile /var/run/fspd.stats | |
| 125 | ||
| 126 | # The 'logfile' command tells the server where to log things if | |
| 127 | # logging is enabled. | |
| 128 | # It can be a relative path from the fspd home directory or an absolute | |
| 129 | # path. | |
| 130 | # it must include the filename. | |
| 131 | # | |
| 132 | logfile ../logs/logfile | |
| 133 | ||
| 134 | # The 'log' command specifies the type of logging that should be performed. | |
| 135 | # The log command takes the following options | |
| 136 | # 'none' or any of 'all', '(!)errors', '(!)version', '(!)getdir', | |
| 137 | # '(!)getfile', '(!)upload', '(!)install', '(!)delfile', '(!)deldir', | |
| 138 | 121 | # '(!)setpro', '(!)getpro', '(!)makedir', '(!)grabfile',(!)readonly, |
| 139 | # '(!)stat', '(!)rename'. | |
| 140 | 40 | # logging of 'all' will include logging of errors. |
| 141 | # for example: | |
| 142 | # log all !errors -- will log all commands sent, but no error messages. | |
| 143 | # log all !getdir -- will log all commands except getdir and all errors | |
| 144 | 144 | # EXCEPT those that occurred on a getdir command. |
| 145 | 40 | # log install getfile errors -- will log all install and getfile commands |
| 146 | # as well as any errors that occur on ONLY those commands. | |
| 147 | # If no log command is given, logging will be turned of (same as 'log none') | |
| 148 | # | |
| 149 | 76 | log all !readonly |
| 150 | 40 | |
| 151 | 77 | #The 'xferlog' command tells server where to use wuftpd compatible |
| 152 | 144 | #transfer log file. Loging subsystem currently do not support |
| 153 | 113 | #recording of partial transfers. |
| 154 | 77 | xferlog ../logs/xferlog |
| 155 | ||
| 156 | 40 | # The 'thruput' command is used to specify the maximum average |
| 157 | # number of bytes per second that the server will transmit. Use | |
| 158 | # 'thruput off' to specify no through put control. A negative value or | |
| 159 | # zero will also shut off thruput control. If this command is not given, | |
| 160 | # it acts like 'thruput off' | |
| 161 | # | |
| 162 | # thruput off | |
| 163 | ||
| 164 | # The 'setuid' command is used to specify a specific uid under which the | |
| 165 | # FSP server will run. Use 'setuid off' or 'setuid 0' in order to not | |
| 166 | # attempt to perform a setuid. If this command is not given, it acts like | |
| 167 | # 'setuid off'. Using setuid enables you to run the server as a specific | |
| 168 | # user rather than as root, you may want to do this for security reasons. | |
| 169 | # If you do this then ensure that the user id you assign to fspd has the | |
| 170 | # necessary permissions to read and write from the directories you have | |
| 171 | # assigned elsewhere in this configuration file. | |
| 172 | 144 | # YOU MUST USE NUMERIC USER UID! setuid 56 |
| 173 | 40 | # |
| 174 | # setuid off | |
| 175 | ||
| 176 | 144 | # The 'setgid' command is similar to setuid, but sets a group. |
| 177 | # setgid off | |
| 178 | 40 | |
| 179 | # The 'umask' for uploaded files. Standard octal value. | |
| 180 | # umask 0033 | |
| 181 | ||
| 182 | # The 'serverumask' is used when creating special access files. | |
| 183 | # serverumask 0077 | |
| 184 | ||
| 185 | # The 'daemonize' command specifies whether the fspd should fork itself into | |
| 186 | # the background when started up. The only acceptable values are 'on' or | |
| 187 | # 'off'. If this command isn't given, it acts like 'daemonize on'. | |
| 188 | # | |
| 189 | # daemonize on | |
| 190 | ||
| 191 | # The 'debug' command specifies whether the server should write debugging | |
| 192 | # output to stderr while it is running. The only acceptable values are 'on' | |
| 193 | # or 'off'. If this command is never given, it acts like 'debug off'. | |
| 194 | # | |
| 195 | # debug off | |
| 196 | ||
| 197 | # The 'restricted' command specifies whether the server is run in restricted | |
| 198 | # mode. In this case, only hosts enabled via the 'host' command will be | |
| 199 | # able to connect. The only acceptable values for this command are 'on' or | |
| 200 | # 'off'. If the command isn't given, it acts as 'restricted off'. | |
| 201 | # | |
| 202 | # restricted off | |
| 203 | ||
| 204 | # The 'reverse_name' command specifies whether the server should refuse | |
| 205 | # connections to sites that it cannot reverse lookup, that is it cannot | |
| 206 | # turn the dotted decimal address (1.2.3.4) into a name (a.b.com). The | |
| 207 | # only acceptable values for this command are 'on' or 'off'. If the | |
| 208 | # command is not given, it acts like 'reverse_name off' by default. | |
| 209 | # | |
| 210 | # reverse_name off | |
| 211 | ||
| 212 | # The 'read_only' command specifies whether the server should ignore any | |
| 213 | # commands that would cause a 'write' action on the server. The commands | |
| 214 | # that are refused by this are upload, install, mkdir, deldir, delfile, | |
| 215 | # and setpro. The only acceptable values for this command are 'on' or 'off'. | |
| 216 | # If the command is not given, it acts like 'read_only off'. | |
| 217 | # | |
| 218 | # read_only off | |
| 219 | ||
| 220 | # The "host" command can be used to grant or restrict access on a per host | |
| 221 | # or per group of host basis. You can configure the server to either ignore | |
| 222 | # particular clients, treat them as normal, or to always return a particular | |
| 223 | # message to those hosts. Each host configuration line looks as follows: | |
| 224 | # | |
| 225 | # host host_mask [host_type message] | |
| 226 | # | |
| 227 | # host_mask is either the full numeric or text name of a machine OR | |
| 228 | # a wildcarded host mask. Wildcarded hostmasks look as follows: | |
| 229 | # | |
| 230 | # 128.4.*.*-128.8.*.* -- (* acts as the range 0 - 255) | |
| 231 | # | |
| 232 | # The above line would affect all hosts of the form 128.4.*.*, 128.5.*.*, | |
| 233 | # 128.6.*.*, 128.7.*.* and 128.8.*.*. | |
| 234 | # | |
| 235 | # Host masking is only available with numeric hosts, not with text names. | |
| 236 | # | |
| 237 | # host_type is one of D, I, or N : | |
| 238 | # I hosts are ignored | |
| 239 | # N hosts are treated as normal | |
| 240 | # D hosts will receive the error string message given as the third parameter | |
| 241 | # | |
| 242 | # If host_type isn't specified, the host is treated as ignored or normal | |
| 243 | # depending on the value of restricted. | |
| 244 | # | |
| 245 | # The following line allows all RDG machines (134.225.*.*) access to a site: | |
| 246 | # | |
| 247 | # host 134.225.*.* N | |
| 248 | # | |
| 249 | # ... while the following would ignore all hosts from RDG: | |
| 250 | # | |
| 251 | # host 134.225.*.* I | |
| 252 | # | |
| 253 | # ... and the following would return an error message to them all: | |
| 254 | # | |
| 255 | # host 134.225.*.* D Sorry You Cannot Access This Site | |
| 256 | ||
| 257 | # The "retry" command specifies time in sec, how much time must | |
| 258 | # pass after new packet with the old KEY from client will be accepted | |
| 259 | # FSP protocol definition says that must be at least 3 secs, but you | |
| 260 | # can set this to shorter time and allow faster error recovery. It is | |
| 261 | 144 | # highly recommended to keep it at least 3 seconds. |
| 262 | 40 | # retry 3 |
| 263 | ||
| 264 | # The "timeout" command specifies how much time must pass after new | |
| 265 | # packet with wrong KEY number is accepted. FSP definition sets this | |
| 266 | 105 | # to 60 seconds. You can set it to lower value for faster clients |
| 267 | # recovery (about 20 sec is fine). | |
| 268 | 40 | |
| 269 | # timeout 60 |
Loggerhead is a web-based interface for Bazaar branches