1 #Configuration file for bftpd.
2 #The given values are only examples, modify this file for your own needs.
6 #If set to no, access is allowed.
7 #If set to yes, access is denied without giving a reason.
8 #If set to anything else, access is denied giving the content of this
12 #The port number where the daemon should listen (only for daemon mode)
15 #You can force bftpd to use a specific port range in passive mode.
16 #Passive mode means that the client will open data connections
17 #and the server stays 'passive'.
18 #This option can be very useful with some firewall configurations.
19 #Seperate values with "," and define ranges with "-".
20 #bftpd will try to bind one of these ports in ascending order as
21 #you specify them here.
22 #If none of the given ports could be bound, the connection is
23 #is refused. If you want to bind any free port in that case, add
25 #PASSIVE_PORTS="10000,12000-12100,13000"
28 #If PORT data connections should be opened from port 20, say yes here. You
29 #will probably need this if your server is behind a firewall that restricts
30 #outgoing packets from ports higher than 1024. Note that this may be a
31 #security hole, as the server can not drop its root privileges completely
35 #The password for the administration commands, encrypted (man mkpasswd).
38 #With this option, you can put your entire FTP environment into a chroot
39 #jail. Apart from security, this offers you the possibility of having
40 #virtual users that don't exist in the system.
41 #Additionally, you can make some kind of 'file pool' by creating a directory
42 #with files which you can symlink from the users' homes (this means setting
43 #DO_CHROOT=no in order for the users to be able to access that dir.
44 #Note that you need the following files in your initial chroot directory:
45 #/etc/passwd, /etc/shadow, /etc/group
46 #On GNU systems, you will also need the NSS libraries in /lib.
47 #INITIAL_CHROOT="/ftp"
49 #The bftpdutmp file enables you to record user logins and logouts in
50 #bftpd, which is useful for the administration interface (which is not
51 #finished yet). You also need the file to be able to restrict the number
52 #of users simultaneously logged on, and so on.
53 #Note that the directory in which the file resides must already exist.
54 #Set the option to "" if you do not want that. This is discouraged for normal
55 #use, but can be helpful if you want to create a boot floppy or something.
56 PATH_BFTPDUTMP="/var/run/bftpd/bftpdutmp"
58 #This option controls the buffer size while transferring files.
59 #If you are on a very fast network (fast meaning 100 Mbit/s or more),
60 #you should set this to 64000 or something like that.
61 #Transferring from localhost to localhost, I had a transfer speed of
62 #approx. 15 MB/s with XFER_BUFSIZE=2048 and a speed of approx. 20 MB/s
63 #with XFER_BUFSIZE=64000. You should not set big values for this if you have
64 #slow (dialup) clients.
67 #When set to yes, this option makes the server allow data connections which
68 #don't go to the client who initiated them.
69 #This is needed for FXP.
72 #After how many seconds of idle time should a user be kicked from the server?
75 #After how many seconds of idle time should a user be kicked from the server
76 #during a file transfer?
79 #Use Ratio if you want the client to send a file before he can get a file.
80 #Usage: RATIO=send/receive or RATIO=none. Example: RATIO=2/1 lets the client
81 #receive a 1 MB file when he has sent a 2 MB file.
84 #ROOTDIR specifies the root directory of the client. It defaults to %h
85 #(user's home directory). %u is replaced by the user name.
88 #Umask for the files or directories users create.
91 #Name of the log file. Say "syslog" to log into syslog.
92 #Say "" for no logging.
93 LOGFILE="/var/log/bftpd.log"
95 #Use %v for version, %h for the server FQDN and %i for the server IP address.
96 HELLO_STRING="bftpd %v at %i ready."
98 #The server automatically chdirs to the directory given here after login.
101 #Authentication type, values: PAM, PASSWD
104 #Enable this if you want the client's IP address to be resolved to a host
105 #name. Note that it increases the overhead and it may not work if your DNS
106 #is not configured correctly. Clients without a valid DNS name will take very
108 RESOLVE_CLIENT_IP="no"
110 #Path to the message of the day, seen by all users before login.
111 MOTD_GLOBAL="/etc/ftpmotd"
113 #Path to the message of the day, seen after login, relative to the root
114 #path of the user (see ROOTDIR).
115 MOTD_USER="/.ftpmotd"
117 #If RESOLVE_UIDS is enabled, in directory lists the user and group names
118 #are shown instead of UID/GID. This may slow down directory listings.
121 #If DO_CHROOT is enabled, a user can not access directories other than his
122 #HOMEDIR and its subdirectories. DON'T disable this globally if you don't
123 #want to have a security hole!
126 #Enable this to log each login to wtmp.
129 #If you want bftpd to bind itself to one specific network interface, enter
130 #its IP address here. Else enter 'any'. This option only works in standalone
134 #Path to the ftpusers file. It can contain user names that are denied.
135 #If it does not exist, every user can log in. If you don't want this,
136 #just put a nonexistent filename here.
137 PATH_FTPUSERS="/etc/ftpusers"
139 #Enable this if you want to deny any user who has a shell which is not in
143 #With the option ALLOWCOMMAND_XXXX, you can disable the command XXXX.
144 #For example, if you don't want any user to delete files, you can do
145 #ALLOWCOMMAND_DELE=no
146 #Of course, you can disable it for specific users by writing the appropiate
147 #lines into the user structures.
148 ALLOWCOMMAND_DELE="yes"
149 ALLOWCOMMAND_STOR="yes"
150 ALLOWCOMMAND_SITE="yes"
152 #Files that belong to these groups (comma-separated) are hidden in LIST/NLST.
155 #What message should be used as reply for the QUIT command?
156 QUIT_MSG="See you later..."
158 #The number of users that can be logged in at the same time.
159 #If set to "0", an unlimited users will be able to connect. This is not
160 #recommended, as it makes DoS attacks possible, even if the clients are
161 #kicked after a short time.
164 #This variable controls how often one user can be logged in at the same time.
165 #This allows you to have a big connection limit (see above) and nevertheless
166 #prevent single users from having a lot of connections.
167 #This option may also be useful in a user {} or group {} environment.
168 USERLIMIT_SINGLEUSER="0"
178 #If the client wants anonymous, ftp is taken instead.
183 DENY_LOGIN="Root login not allowed."