# manpage: http://vsftpd.beasts.org/vsftpd_conf.html
# Setup specially for an OpenBSD install
#
# Run in daemon mode
background=YES
listen=YES
listen_address=120.111.222.111
#pasv_address=127.0.0.1
#
# The new highly restrictive seccomp filter sandbox
# If you see "OOPS: priv_sock_get_cmd" then disable seccomp
seccomp_sandbox=NO
#
# User to run daemon as
nopriv_user=_vsftpd
ftp_username=_ftp
#
# Ftp ports
connect_from_port_20=NO
ftp_data_port=20
listen_port=21
pasv_min_port=49152
pasv_max_port=65535
pasv_promiscuous=NO
port_enable=NO
port_promiscuous=NO
#
# SSL (force options for a SSL only server)
#ssl_enable=YES
#ssl_tlsv1=YES
#ssl_sslv2=NO
#ssl_sslv3=NO
#rsa_cert_file=/etc/ssl/private/vsftpd.pem
#allow_anon_ssl=YES
#force_anon_data_ssl=YES
#force_anon_logins_ssl=YES
#force_local_data_ssl=YES
#force_local_logins_ssl=YES
#
# Timeouts
connect_timeout=60
data_connection_timeout=120
idle_session_timeout=120
#
# Information messages
setproctitle_enable=YES
banner_file=/etc/banner
dirmessage_enable=YES
ftpd_banner=Calomel.org ftp server
#
# Access limits and controls
async_abor_enable=NO
cmds_allowed=ABOR,APPE,CWD,DELE,HELP,LIST,MDTM,MKD,NLST,PASS,PASV,PWD,QUIT,RETR,RMD,RNFR,RNTO,SIZE,STOR,TYPE,USER
#cmds_allowed=ABOR,CWD,DELE,LIST,MDTM,MKD,NLST,PASS,PASV,PWD,QUIT,RETR,RMD,RNFR,RNTO,SIZE,STOR,TYPE,USER,ACCT,APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST
delay_successful_login=1
delete_failed_uploads=yes
guest_enable=NO
write_enable=YES
max_clients=100
max_login_fails=1
max_per_ip=2
pam_service_name=vsftpd
tcp_wrappers=NO
hide_file={.*,*.mp3}
deny_file={*.mp3}
#
# Preferences
ascii_upload_enable=NO
ascii_download_enable=NO
hide_ids=YES
ls_recurse_enable=NO
use_localtime=NO
#
# Allow anonymous FTP?
anonymous_enable=NO
anon_max_rate=0
anon_mkdir_write_enable=NO
anon_root=/disk01/ftp/
anon_world_readable_only=YES
anon_umask=0022
anon_upload_enable=NO
anon_other_write_enable=NO
no_anon_password=NO
#
# Allow local user access?
local_enable=YES
local_max_rate=0
local_umask=0022
chroot_local_user=YES
check_shell=NO
chmod_enable=NO
secure_chroot_dir=/var/empty
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd_users
#
# Logging
dual_log_enable=NO
log_ftp_protocol=NO
vsftpd_log_file=/var/log/vsftpd.log
xferlog_enable=YES
xferlog_std_format=NO
xferlog_file=/var/log/xferlog
#