FTP access is provided by the nsftp module, which can be loaded and configured into a virtual server. The nsftp module is a fully-functioning FTP server that uses the AOLserver's permission system. The following features are supported:
Anonymous logins: If anonymous FTP logins are permitted, users can browse and download from the website via FTP.
FTP commands: Most FTP commands are supported, including: ls, get, put, mget, mput, site, md, rd, cd, rename, del, type, syst, and quit. Users that have HTTP PUT permission are granted FTP write permission. The chmod command is also supported if enabled by the FtpAllowChangeMode parameter.
Logging system: The nsftp module has a logging system that tracks uploads and downloads using the Xferlog format (the same one as wu-ftp) and records system commands. If enabled by the FtpSysLog and FtpXferLog parameters, the system and file transfer log files are written to the nsftp.log and nsxfer.log files in the <AOLserver-root>/servers/<server-name>/modules/nsftp directory. Also, we recommend turning on FTP traces (with the FtpRunServerTraces parameter) so that transfers get logged in the standard access log with all the other web transfers.
Passive mode: The nsftp module supports PASV mode for server-to-server transfers and for FTP clients that can initiate PASV mode data connections. Usually, clients and servers initiate active mode data connections, which means that the client sends its address and port information to the server so the server can initiate the data connection. In PASV mode, the server sends address and port information to the client so the client can initiate the data connection. Some browsers, such as Netscape Navigator and Microsoft Internet Explorer, use PASV mode to initiate FTP transfers.
Traces on FTP transfers: The nsftp module supports the ability to run HTTP traces with ftp GET's and PUT's. This gives you transparent logging of ftp accesses to the standard AOLserver access log. (Automatic updating of full text indices is coming soon.) The nsftp module also supports running of the same trace functions that AOLserver uses.
Tcp wrapper functions: The nsftp module supports Tcp wrapper functions that authorize clients based on conventional hosts.allow/hosts.deny access control. The module uses the daemon name (ftpd), client IP address, and client hostname to perform the client authorization. To view the documentation for hosts.allow/hosts.deny access control syntax, download the tcp_wrapper package from http://wuarchive.wustl.edu/packages/security/tcp_wrappers/.
![[ Previous ]](navbprev.gif)
![[ Contents ]](navbhome.gif)
![[ Index ]](navbhelp.gif)
![[ Next ]](navbnext.gif)
