Novell Documentation: FTP Server< - Configuring FTP Server

Configuring FTP Server

Before starting the NetWare FTP Server software, configure it by setting the configuration parameters in the configuration file. The default configuration file is SYS:/ETC/FTPSERV.CFG. The parameters in this configuration files are commented with their default values.

When the NetWare FTP Server is started, the IP address of the host (HOST_IP_ADDR) and the port number of the NetWare FTP Server (FTP_PORT), as defined in the configuration file, are used to bind to and listen for FTP client connection requests. If these parameters are not defined in the configuration file, the FTP Server binds to all configured network interfaces and the standard FTP ports.

Multiple instances of the NetWare FTP Server can run on a single machine with different IP addresses, or port numbers. The various parameters in the configuration file along with the default values are described in the following tables:

NOTE: The configuration, restriction, welcome banner and the message files must follow the 8.3 file naming format as long name is currently not supported for these files.

Table 1. Multiple Instances Parameters

Parameter	Default Value	Description
HOST_IP_ADDR	IP address of the host	The IP address of the host that the FTP Server software is being loaded on.
FTP_PORT	21 (Standard FTP port)	The port number that the FTP server should bind to and listen for connection requests from. The maximum port number is 65534.

Parameter

Default Value

Description

HOST_IP_ADDR

IP address of the host

The IP address of the host that the FTP Server software is being loaded on.

FTP_PORT

21 (Standard FTP port)

The port number that the FTP server should bind to and listen for connection requests from.

The maximum port number is 65534.

Table 2. FTP Session Parameters

Parameter	Default Value	Description
MAX_FTP_SESSIONS	30	Maximum number of FTP sessions that can be active at a given point of time. Minimum value is 1. If this parameter value is set to zero, the FTP Server takes the default value.
IDLE_SESSION_TIMEOUT	600 (seconds)	Duration in seconds that any session can remain idle. The session will never time out if the value is set as negative, for example -1. The maximum value is 2³² (4294967296) seconds.

Parameter

Default Value

Description

MAX_FTP_SESSIONS

Maximum number of FTP sessions that can be active at a given point of time. Minimum value is 1.

If this parameter value is set to zero, the FTP Server takes the default value.

IDLE_SESSION_TIMEOUT

600 (seconds)

Duration in seconds that any session can remain idle. The session will never time out if the value is set as negative, for example -1.

The maximum value is 2³² (4294967296) seconds.

Table 3. Anonymous User Access Parameters

Parameter	Default Value	Description
ANONYMOUS_ACCESS	No	Specifies whether anonymous user access is allowed. Valid values are Yes and No.
ANONYMOUS_HOME	SYS:/PUBLIC	The Anonymous user's home directory. This path can contain up to 512 bytes.
ANONYMOUS_PASSWORD_REQUIRED	Yes	Specifies whether to ask for an Email ID as the password for Anonymous user to log in. Valid values are Yes and No.

Parameter

Default Value

Description

ANONYMOUS_ACCESS

Specifies whether anonymous user access is allowed.

Valid values are Yes and No.

ANONYMOUS_HOME

SYS:/PUBLIC

The Anonymous user's home directory.

This path can contain up to 512 bytes.

ANONYMOUS_PASSWORD_REQUIRED

Yes

Specifies whether to ask for an Email ID as the password for Anonymous user to log in.

Valid values are Yes and No.

Table 4. Access Restrictions Parameters

Parameter	Default Value	Description
RESTRICT_FILE	SYS:/ETC/FTPREST.TXT	FTP Server can define access restrictions to various levels of users, hosts, etc. These restrictions are defined in a file, which can be specified here. The path with the filename can contain up to 512 bytes. The minimum value of the IP address allowed is is 0.0.0.0 and the maximum value is 255.255.255.254. The value 255.255.255.255 is invalid since 255.255.255.255 is a broadcast address and not supported for ADDRESS_RANGE.

Parameter

Default Value

Description

RESTRICT_FILE

SYS:/ETC/FTPREST.TXT

FTP Server can define access restrictions to various levels of users, hosts, etc. These restrictions are defined in a file, which can be specified here.

The path with the filename can contain up to 512 bytes.

The minimum value of the IP address allowed is is 0.0.0.0 and the maximum value is 255.255.255.254.

The value 255.255.255.255 is invalid since 255.255.255.255 is a broadcast address and not supported for ADDRESS_RANGE.

Table 5. Login Parameters

Parameter	Default Value	Description
DEFAULT_USER_HOME_SERVER	Server where FTP is running	The name of the server that the default home directory is on. The path can contain up to 97 bytes.
DEFAULT_USER_HOME	SYS:\PUBLIC	The default home directory of the user. The path with the filename can contain up to 512 bytes.
IGNORE_REMOTE_HOME	No	Specifies whether to ignore the home directory, if it is on a remote server, and go to the default directory. Valid values are Yes and No.
IGNORE_HOME_DIR	No	Specifies whether to ignore the home directory and go to the default directory. Valid values are Yes and No.
FTP_CATALOG_NAME	FTPCAT	This is used for contextless login. This path with the name of the object can contain up to 512 bytes.
SEARCH_LIST		A list of fully distinguished names of containers in which FTP users are to be looked for, separated by commas (without any spaces). The length of this string including the commas should not exceed 2048 bytes. Spaces refer to the spaces in between the commas and contexts specified, not the spaces in the context. Each context specified by fully distinguished name must begin with a leading dot ( . ). You can specify a maximum of 25 containers.

NOTE: When logging in for the first time without specifying the context, the search criteria used by NWFTPD to find them will be in the following order:

The first bindery context of the server, if it is set.
The NetWare server object's context, if bindery context is not set.
The NDS Catalog Services catalog specified by the FTP_CATALOG_NAME parameter in FTPSERV.CFG.
The contexts listed in the SEARCH_LIST parameter of FTPSERV.CFG, in the order listed.

On successful login, the FTP server context gets set to the user's context. Therefore, for next login in the same session where context is not specified, the context will be searched for under this FTP Server context set to the context of the user previously logged in successfully.

Table 6. Intruder Detection Parameters

Parameter	Default Value	Description
DEFAULT_NAMESPACE	Long	The default name space. The valid values are DOS and LONG.
INTRUDER_HOST_ ATTEMPTS	20	The number of unsuccessful log in attempts for intruder host detection. The maximum value is 2 ³² (4294967296) attempts.
INTRUDER_USER_ATTEMPTS	5	The number of unsuccessful log in attempts for intruder host detection. The maximum value is 2³² (4294967296) attempts.
HOST_RESET_TIME	5	Time interval in minutes during which the intruder host is not allowed to log in. The maximum value is 2³² (4294967296) minutes.
USER_RESET_TIME	10	Time interval in minutes during which the intruder user is not allowed to log in. The maximum value is 2 ³² (4294967296) minutes.

NOTE: To disable intruder detection, set both intruder detection parameters, INTRUDER_HOST_ ATTEMPTS and INTRUDER_USER_ATTEMPTS to 0.

To enable intruder detection, set both intruder detection parameters, INTRUDER_HOST_ ATTEMPTS and INTRUDER_USER_ATTEMPTS to a value greater than zero 0. Also, set the value of the INTRUDER_HOST_ ATTEMPTS parameter to a value greater than the value set for the INTRUDER_USER_ATTEMPTS parameter.

Table 7. Firewall Support Parameters

Parameter	Default Value	Description
PASSIVE_PORT_MIN	1	Minimum port number used for establishing passive data connection. The port value range is 1 to 65534. The minimum port number must always be greater than zero, and less than 65534.
PASSIVE_PORT_MAX	65534	Maximum port number used for establishing passive data connection. The port value range is 1 to 65534. The maximum value should always be greater than zero and less than 65534.

Parameter

Default Value

Description

PASSIVE_PORT_MIN

Minimum port number used for establishing passive data connection.

The port value range is 1 to 65534.

The minimum port number must always be greater than zero, and less than 65534.

PASSIVE_PORT_MAX

65534

Maximum port number used for establishing passive data connection.

The port value range is 1 to 65534.

The maximum value should always be greater than zero and less than 65534.

Table 8. Welcome Banner and Message Files Parameters

Parameter	Default Value	Description
WELCOME_BANNER	SYS:/ETC/WELCOME.TXT	When the FTP client establishes a connection, the content of this file is displayed. The path with the filename can contain up to 256 characters.
MESSAGE_FILE	MESSAGE.TXT	When the user changes the directory, the contents of this file are displayed. For this, the file with that name should exist in the directory. The path withe the filename can contain up to 256 characters.

Parameter

Default Value

Description

WELCOME_BANNER

SYS:/ETC/WELCOME.TXT

When the FTP client establishes a connection, the content of this file is displayed.

The path with the filename can contain up to 256 characters.

MESSAGE_FILE

MESSAGE.TXT

When the user changes the directory, the contents of this file are displayed. For this, the file with that name should exist in the directory.

The path withe the filename can contain up to 256 characters.

Table 9. FTP Logs Parameters

Parameter	Default Value	Description
FTP_LOG_DIR	SYS:/ETC	The directory where log files will be stored. This path could contain up to 256 characters.
NUM_LOG_MSG	32000	Maximum number of messages that will be logged in each log file. The range is 2³¹ messages. However, the maximum messages allowed is based on the memory available.
FTP_LOG_LEVEL	7	Indicates the level of messages logged. These are: 1= ERROR 2= WARNING 4= INFORMATION The following combinations can be given. 3= ERROR, WARNING 5=ERROR, INFORMATION 6= INFORMATION, WARNING 7=ERROR, WARNING, and INFORMATION
FTPD_LOG	FTPD	FTPD.LOG file is automatically created. This file contains all the internal system related information encountered by the FTP server. The path with the filename could contain up to 256 characters.
AUDIT_LOG	FTPAUDIT	FTPAUDIT.LOG file is automatically created. This file contains details about the login activities of the user. The path with the filename could contain up to 256 characters.
INTRUDER_LOG	FTPINTR	FTPINTR.LOG file is automatically created. This file contains information about unsuccessful login attempts. The path with the filename could contain up to 256 characters.
STAT_LOG	FTPSTAT	FTPSTAT.LOG file is automatically created. This file contains details about all active sessions. The path with the filename could contain up to 256 characters.