# manpage: http://vsftpd.beasts.org/vsftpd_conf.html # Setup specially for an OpenBSD install # # Run in daemon mode background=YES listen=YES listen_address=120.111.222.111 #pasv_address=127.0.0.1 # # The new highly restrictive seccomp filter sandbox # If you see "OOPS: priv_sock_get_cmd" then disable seccomp seccomp_sandbox=NO # # User to run daemon as nopriv_user=_vsftpd ftp_username=_ftp # # Ftp ports connect_from_port_20=NO ftp_data_port=20 listen_port=21 pasv_min_port=49152 pasv_max_port=65535 pasv_promiscuous=NO port_enable=NO port_promiscuous=NO # # SSL (force options for a SSL only server) #ssl_enable=YES #ssl_tlsv1=YES #ssl_sslv2=NO #ssl_sslv3=NO #rsa_cert_file=/etc/ssl/private/vsftpd.pem #allow_anon_ssl=YES #force_anon_data_ssl=YES #force_anon_logins_ssl=YES #force_local_data_ssl=YES #force_local_logins_ssl=YES # # Timeouts connect_timeout=60 data_connection_timeout=120 idle_session_timeout=120 # # Information messages setproctitle_enable=YES banner_file=/etc/banner dirmessage_enable=YES ftpd_banner=Calomel.org ftp server # # Access limits and controls async_abor_enable=NO cmds_allowed=ABOR,APPE,CWD,DELE,HELP,LIST,MDTM,MKD,NLST,PASS,PASV,PWD,QUIT,RETR,RMD,RNFR,RNTO,SIZE,STOR,TYPE,USER #cmds_allowed=ABOR,CWD,DELE,LIST,MDTM,MKD,NLST,PASS,PASV,PWD,QUIT,RETR,RMD,RNFR,RNTO,SIZE,STOR,TYPE,USER,ACCT,APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST delay_successful_login=1 delete_failed_uploads=yes guest_enable=NO write_enable=YES max_clients=100 max_login_fails=1 max_per_ip=2 pam_service_name=vsftpd tcp_wrappers=NO hide_file={.*,*.mp3} deny_file={*.mp3} # # Preferences ascii_upload_enable=NO ascii_download_enable=NO hide_ids=YES ls_recurse_enable=NO use_localtime=NO # # Allow anonymous FTP? anonymous_enable=NO anon_max_rate=0 anon_mkdir_write_enable=NO anon_root=/disk01/ftp/ anon_world_readable_only=YES anon_umask=0022 anon_upload_enable=NO anon_other_write_enable=NO no_anon_password=NO # # Allow local user access? local_enable=YES local_max_rate=0 local_umask=0022 chroot_local_user=YES check_shell=NO chmod_enable=NO secure_chroot_dir=/var/empty userlist_enable=YES userlist_deny=NO userlist_file=/etc/vsftpd_users # # Logging dual_log_enable=NO log_ftp_protocol=NO vsftpd_log_file=/var/log/vsftpd.log xferlog_enable=YES xferlog_std_format=NO xferlog_file=/var/log/xferlog #