Re: [Proftpd-user] MasqueradeAddress directive and active ftp

[bascule <exc...@bi...>]

forgot to set reply-to for this list filter so i sent it direct before - sorry

i'm using 2.2.19 on a debian 'woody' install, proftpd 1.2.4, an old 486
'frankenstein's monster' and my proftpd.conf is as follows:

# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName                      "Debian"
ServerType                      inetd
DeferWelcome                    off

ShowSymlinks                    on
MultilineRFC2228                on
DefaultServer                   on
ShowSymlinks                    on
AllowOverwrite                  on

TimeoutNoTransfer               600
TimeoutStalled                  600
TimeoutIdle                     1200

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
LsDefaultOptions                "-l"

DenyFilter                      \*.*/

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
#PersistentPasswd               off

# Port 21 is the standard FTP port.
Port                            21

#Allow passive ftp from behind a firewall
PassivePorts 49152 49153

#The address of the server providing masq services
#MasqueradeAddress XXX.XXX.XXX.XXX


# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nogroup

# Normally, we want files to be overwriteable.
<Directory /*>
  # Umask 022 is a good standard umask to prevent new files and dirs
  # (second parm) from being group and world writable.
  Umask                         022  022

  AllowOverwrite                on
</Directory>

# A basic anonymous configuration, no upload directories.

<Anonymous ~ftp>
  User                          ftp
  Group                         nogroup
  # We want clients to be able to login with "anonymous" as well as "ftp"
  #UserAlias                    anonymous ftp


    AnonRequirePassword on
    AuthAliasOnly on
    AuthUsingAlias on
    # The list of authorized users.
    # user/pass lookup is for each user, not password entry
    # of server uid ('nobody' in this example).
    UserAlias ftpguest ftp

  RequireValidShell             off

  # Limit the maximum number of anonymous logins
  MaxClients                    10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  <Directory *>
    <Limit WRITE>
      DenyAll
    </Limit>
  </Directory>

  # Uncomment this if you're brave.
  # <Directory incoming>
  #   # Umask 022 is a good standard umask to prevent new files and dirs
  #   # (second parm) from being group and world writable.
  #   Umask                             022  022
  #            <Limit READ WRITE>
  #            DenyAll
  #            </Limit>
  #            <Limit STOR>
  #            AllowAll
  #            </Limit>
  # </Directory>

</Anonymous>

as you can see i've edited my actual firewall ip address, this server will
only be for a few family and friends to use, it won't be public, besides if i
take down the f'wall and bring it up again i have to edit as i technicall
have dyanamic ip on cable modem!

bascule

On Saturday 24 Nov 2001 6:43 pm, you wrote:
> First Question .. what kernel are you using?
>
>
> Mike