[BlueOnyx:06903] Re: MLSD not reporting symbolic links in ftp
Jeffrey Pellin
jeffrey at px2co.net
Wed Apr 6 02:06:07 -05 2011
Thanks Robert,
Unfortunately my ProFTP configuration is identical to yours. With FileZilla
are you using ftp or sftp? MLSD only applies to straight ftp and I can see
the links myself using SCP.
Regards
Jeffrey
On Tue, 05 Apr 2011 13:16:38 -0400, Robert Fitzpatrick <robert at webtent.org>
wrote:
> On 4/5/2011 9:40 AM, Jeffrey Pellin wrote:
>> Bump anyone?
>>
>> MLSD is the new standard(?) for ftp. Clients like FileZilla no longer
>> support non-MLSD commands like LIST. ProFTP say it's all down to the
>> server if symbolic links don't show.
>>
>> So can anyone tell me if they can ftp in to an up-to-date BO box with a
>> late version of FileZilla and see symbolic links? ie. is it a problem we
>> all have, or is it just my box?
>>
>
> Yep, just loaded a BO box over the weekend with all updates and can see
> sym links no problem with latest FileZilla. Same with WinSCP, can
> see...here is proftpd.conf...
>
>
>> [root at www1 admin]# cat /etc/proftpd.conf
>> # This is the ProFTPD configuration file
>> # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
>>
>> ServerName "ProFTPD server"
>> ServerIdent on "FTP Server ready."
>> ServerAdmin root at localhost
>> #ServerType standalone
>> ServerType inetd
>> DefaultServer on
>> AccessGrantMsg "User %u logged in."
>> #DisplayConnect /etc/ftpissue
>> #DisplayLogin /etc/ftpmotd
>> #DisplayGoAway /etc/ftpgoaway
>> DeferWelcome off
>> RequireValidShell off
>>
>> # Use this to excude users from the chroot
>> DefaultRoot / wheel
>> DefaultRoot / admin-users
>> DefaultRoot ~/../../.. site-adm
>> DefaultRoot ~ !site-adm
>>
>> # Use pam to authenticate (default) and be authoritative
>> AuthPAMConfig proftpd
>> AuthOrder mod_auth_pam.c* mod_auth_unix.c
>>
>> # Do not perform ident nor DNS lookups (hangs when the port is filtered)
>> TimesGMT off
>> IdentLookups off
>>
>> # begin global -- do not delete
>> MaxClients 100000
>> IdentLookups off
>> UseReverseDNS off
>> # end global -- do not delete
>>
>> # Port 21 is the standard FTP port.
>> Port 21
>>
>> # Umask 022 is a good standard umask to prevent new dirs and files
>> # from being group and world writable.
>> Umask 022
>>
>> # Default to show dot files in directory listings
>> ListOptions "-a"
>>
>> # See Configuration.html for these (here are the default values)
>> #MultilineRFC2228 off
>> #RootLogin off
>> LoginPasswordPrompt on
>> MaxLoginAttempts 3
>> #MaxClientsPerHost none
>> #AllowForeignAddress off # For FXP
>>
>> # Allow to resume not only the downloads but the uploads too
>> AllowRetrieveRestart on
>> AllowStoreRestart on
>>
>> # To prevent DoS attacks, set the maximum number of child processes
>> # to 30. If you need to allow more than 30 concurrent connections
>> # at once, simply increase this value. Note that this ONLY works
>> # in standalone mode, in inetd mode you should use an inetd server
>> # that allows you to limit maximum number of processes per service
>> # (such as xinetd)
>> MaxInstances 20
>>
>> # Set the user and group that the server normally runs at.
>> User nobody
>> Group nobody
>>
>> # Disable sendfile by default since it breaks displaying the download
>> speeds in
>> # ftptop and ftpwho
>> UseSendfile no
>>
>> # This is where we want to put the pid file
>> ScoreboardFile /var/run/proftpd.score
>>
>> # Normally, we want users to do a few things.
>> <Global>
>> AllowOverwrite yes
>> <Limit ALL SITE_CHMOD>
>> AllowAll
>> </Limit>
>> # Restrict the range of ports from which the server will select when
>> sent the
>> # PASV command from a client. Use IANA-registered ephemeral port range
>> of
>> # 49152-65534
>> PassivePorts 49152 65534
>> IdentLookups off
>> </Global>
>>
>> # Define the log formats
>> LogFormat default "%h %l %u %t \"%r\" %s %b"
>> LogFormat auth "%v [%P] %h %t \"%r\" %s"
>>
>> # TLS
>> <IfModule mod_tls.c>
>> TLSEngine on
>> TLSLog /var/log/proftpd/tls.log
>> TLSRequired off
>> TLSRSACertificateFile /etc/pki/dovecot/certs/dovecot.pem
>> TLSRSACertificateKeyFile /etc/pki/dovecot/private/dovecot.pem
>> TLSVerifyClient off
>> TLSOptions NoCertRequest
>> TLSRenegotiate required off
>> </IfModule>
>>
>> # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
>> #TLSEngine on
>> #TLSRequired on
>> #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
>> #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
>> #TLSCipherSuite ALL:!ADH:!DES
>> #TLSOptions NoCertRequest
>> #TLSVerifyClient off
>> #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
>> #TLSLog /var/log/proftpd/tls.log
>>
>> # SQL authentication Dynamic Shared Object (DSO) loading
>> # See README.DSO and howto/DSO.html for more details.
>> #<IfModule mod_dso.c>
>> # LoadModule mod_sql.c
>> # LoadModule mod_sql_mysql.c
>> # LoadModule mod_sql_postgres.c
>> #</IfModule>
>>
>> # A basic anonymous configuration, with an upload directory.
>> #<Anonymous ~ftp>
>> # User ftp
>> # Group ftp
>> # AccessGrantMsg "Anonymous login ok, restrictions
apply."
>> #
>> # # We want clients to be able to login with "anonymous" as well as
>> "ftp"
>> # UserAlias anonymous ftp
>> #
>> # # Limit the maximum number of anonymous logins
>> # MaxClients 10 "Sorry, max %m users -- try again
>> later"
>> #
>> # # Put the user into /pub right after login
>> # #DefaultChdir /pub
>> #
>> # # We want 'welcome.msg' displayed at login, '.message' displayed in
>> # # each newly chdired directory and tell users to read README* files.
>> # DisplayLogin /welcome.msg
>> # DisplayFirstChdir .message
>> # DisplayReadme README*
>> #
>> # # Some more cosmetic and not vital stuff
>> # DirFakeUser on ftp
>> # DirFakeGroup on ftp
>> #
>> # # Limit WRITE everywhere in the anonymous chroot
>> # <Limit WRITE SITE_CHMOD>
>> # DenyAll
>> # </Limit>
>> #
>> # # An upload directory that allows storing files but not retrieving
>> # # or creating directories.
>> # <Directory uploads/*>
>> # AllowOverwrite no
>> # <Limit READ>
>> # DenyAll
>> # </Limit>
>> #
>> # <Limit STOR>
>> # AllowAll
>> # </Limit>
>> # </Directory>
>> #
>> # # Don't write anonymous accesses to the system wtmp file (good idea!)
>> # WtmpLog off
>> #
>> # # Logging for the anonymous transfers
>> # ExtendedLog /var/log/proftpd/access.log WRITE,READ default
>> # ExtendedLog /var/log/proftpd/auth.log AUTH auth
>> #
>> #</Anonymous>
>>
>> # mod_ban configuration:
>> <IfModule mod_ban.c>
>> BanEngine on
>> BanLog /var/log/proftpd/ban.log
>> BanTable /var/log/proftpd/ban.tab
>>
>> # If the same client reaches the MaxLoginAttempts limit 30 times
>> # within 10 minutes, automatically add a ban for that client that
>> # will expire after 30 minutes.
>> BanOnEvent MaxLoginAttempts 30/00:10:00 00:30:00
>>
>> # Configure a rule to automatically ban scripts looking for
anonymous
>> # servers to which they can upload
>> #BanOnEvent AnonRejectPasswords 1/01:00:00 01:00:00
>>
>> # Ban clients which connect too frequently. This rule bans clients
>> # which connect more than 30 times within one minute. Include a
>> special
>> # message just for them and keep them out for one hour.
>> BanOnEvent ClientConnectRate 30/00:01:00 01:00:00 "Stop connecting
so
>> frequently!"
>>
>> # Allow the FTP admin to manually add/remove bans
>> BanControlsACLs all allow group wheel
>> </IfModule>
>
> Hope that helps!
>
> --Robert
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at blueonyx.it
> http://www.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list