View Single Post
Old 04-16-2011, 06:57 AM  
kathorga
Junior Member
 
Join Date: Apr 2011
Posts: 3
Default

Ok guys, there is my ioFTPD.ini
at HOST i tried local, extrenal and my.no-ip address, still same
Please check if rest it set up correctly.
Another friend said that fxp works pretty well without upnp enabled, leeching still not working..

Code:
###
### This is the main configuration file for ioFTPD.
### -----------------------------------------------
###
### Note from Yil:
###   I've put in a number of useful pieces of information and attempted
###   to document a few options as well as added some new ones.  I suggest
###   reading the whole thing through once before changing anything as
###   details on user flags, permission matching, etc are spread throughout
###   the file and are often not defined before their first use.  I instead
###   chose to document formats where they are first seriously used to make
###   looking things up easier where your likely to make future changes.
###
### NOTE: The first 2 sections you MUST setup/examine as they include ports
###       that must be forwarded in any routers/firewalls you may have...
###
### 
### WARNING: ioFTPD doesn't report errors reading this configuration file
### -------  very well.  Before making any changes backup this file, make
###          the change, and if something isn't working right revert back
###          to the known good version.
###
### Lines starting with a # or ; are considered comments.  Single number
### or True/False settings can be followed with a # comment on the same line
### since only the first word is processed.  Most string settings cannot
### reliably accept comments on the same line so don't add any that aren't
### already there.
###
###
### the ioFTPD FAQ can be found in the knowledge base:
###   http://www.inicom.net/pages/en.ioftpd-kb.php
###
### documentation on ioFTPD is available:
###   http://www.inicom.net/pages/en.ioftpd-documentation.php
###
### you can also visit the ioFTPD user's and developer's forum:
###    http://www.inicom.net/forum
###
### a description of this file format is available from wikipedia:
###   http://en.wikipedia.org/wiki/INI_file
###
###


###############################################################################
#################################   DEVICES   #################################
###############################################################################
#
# A device is used by a service (ftp, or http) to specify connection
# information such as which address and ports to bind to, and whether to shape
# outgoing traffic.
#
# By default, the only device is the "Any" device, configured to bind
# to all local ip addresses and to use a reasonable port range for ftp
# passive connections that you MUST forward in routers/firewalls.
#
#
# Find the case that best matches your network setup:
#
# A) You connect directly to your ISP with either a static or dynamic
#    external IP address and you can see it when you look at configured
#    network interfaces.  I.e. the address when you look at the interface
#    in My Network Places doesn't match 192.168.*.*.
#      Host = 0.0.0.0
#
# B) You are behind a hardware NAT firewall such as linksys, netgear, etc
#    and have a static IP address.
#      Host = external-IP
#
# C) You are behind a hardware NAT firewall with a dynamic IP address and
#    do not use a dynamic DNS service.  See detailed notes below.
#      Host = 0.0.0.0
#
# D) You are behind a hardware NAT firewall with a dynamic IP address and
#    you DO use a dynamic DNS service (like the free no-ip.org, etc).
#      Host = my.host.com
#
# Details:
# 1) ioFTPD uses the IP address found through the Host= line for PASV
#    connections.  If you happen to be behind a router and thus have a local
#    IP address like 192.168.*.* using Host=0.0.0.0 will stuff your 192 addr
#    into the PASV response.  This is clearly wrong, but so many FTPs are
#    misconfigured this way that FlashFXP v3+ and many other clients
#    automatically use the IP originally used to connect to the site when
#    they see this which masks the problem for most users.
# 2) Case C is best handled by just giving out the bogus 192 address and
#    letting FTP clients deal with it, although I suggest you setup a
#    free dynamic DNS resolver instead!
# 3) Host=name for dynamic IP address works with no-ip, etc if you avoid
#    the startup race condition by making sure ioFTPD starts only after
#    the update has been done and propigated.  Hard to guarantee, but a
#    site rehash or the next &ConfigUpdate scheduler event in 15 minutes
#    or less will fix this problem so it's not too bad.
#
# IMPORTANT NOTE!!!
# -----------------
# If your server has a 192.168.* style IP address because you are behind a
# NAT firewall/router and you are connecting locally to the FTP server on
# the same machine, or from another machine behind the router then you may
# experience problems with PASV connections.  This is because a properly
# configured server must reply to PASV commands using your EXTERNAL IP.
# Local connections cannot be tested for because the client may be attempting
# to FXP which requires the external address must be sent.  If your router
# doesn't recognize and properly redirect attempts to talk to yourself then
# things won't work...
#
# To solve this problem simply configure the site in your FTP client to
# "Use site IP for PASV connections" (in FlashFXP it's under site->options).
# This should fix the problem for you.

# DEVICE 'Any'
[Any]

# Host=<local ip/hostname> - your external IP address if known
Host     = 88.XXX.XXX.XXX

# Bind=<local ip/hostname> - Specifies a specific network interface that
#   that sockets/connections should use.  Shoul only be needed in rare
#   situations on multi-networked computers or wierd PPoE setups, etc.
#   This address is never communicated to clients directly, and Host=
#   still determines the reply to use in PASV responses.
;Bind    = 0.0.0.0

# A comma separated list of individual ports or port ranges (x-y) to use in
# response to PASV connection transfer requests.
# *** IF YOU ARE BEHIND A ROUTER/FIREWALL YOU MUST FORWARD/ALLOW THESE PORTS
# FOR PASSIVE FILE TRANSFERS TO WORK!!! ***
Ports   = 40000-42000

# If not false then randomize the allocation of PASV ports.  Should almost
# always be true.
Random  = True

# This option allows you to control which ports the server uses for outgoing
# connections.  If Out_Ports is undefined that means use the old default of
# Port-1 for the service (defined below) initiating the connection.  However
# to avoid "Connection closed: Only one usage of each socket address
# (protocol/network address/port) is normally permitted" errors caused by the
# receiving server or FTP client not having a large enough port range you can
# specify additional local ports to use.  An Out_Ports of 0 means use any
# port which for almost all cases eliminates the problem and is the new
# prefered setting unless you have a router/gateway that needs you to limit
# the outgoing ports.
# NOTE: Only the first single or range of ports is used.
Out_Ports = 0

# Max total server bandwidth to use, leave commented out for no limit
;Global_Inbound_Bandwidth       = 10000
;Global_Outbound_Bandwidth      = 10000
# default per client connection bandwidth, no limit if commented out
;Client_Inbound_Bandwidth       = 100
;Client_Outbound_Bandwidth      = 50

# List the complete FTP FEAT response line(s) you wish to suppress here
# except for the LIST/STAT commands which ignore everything after the '-'
# because the list of valid -options can now varies depending on the user.
# Since there are two MDTM lines use MDTM-- to suppress the plain MDTM line.
;Feature_Suppression      =



###############################################################################
################################   SERVICES   #################################
###############################################################################
#
# the services section is used to configure the ftp and http services.
#

#############
# FTP SETUP #
#############
[FTP_Service]
Type                    = FTP

# Name of "Device" configured above to bind to when listening for client
# connections.
Device_Name             = Any

#-------------------------------------------------------------
# The port for people to connect to your FTP on.
# *** You MUST forward this port as well in your router!!! ***
#-------------------------------------------------------------
Port                    = 21
# NOTE: Port-1 will be used for all active outgoing connections if you
# need to allow these explicitly in a router.

User_Limit              = 10
Allowed_Users           = *
Messages                = ..\text\ftp

#
# Encryption - See "Permissions" section below for syntax. The default
# allows anyone to connect to the server without TLS/SSL.
#
# To force everyone (a good idea!) to use secure connections except for
# the default ioFTPD account which is configured to only allow connections
# from the same machine as the server use
#    Require_Encrypted_Auth  = !-ioFTPD *
#    Require_Encrypted_Data  = !-ioFTPD *
#
Require_Encrypted_Auth  = !*
Require_Encrypted_Data  = !*

#                >>>>>>>>>>>> SSL CHANGE THIS <<<<<<<<<<<<<<
#
# Name of the SSL certificate to use for this service.  If at the very top
# use have a HOST= line that is anything other than 0.0.0.0 you don't need
# to explicitly set this as the server will try to load a cert with the
# specified HOST= name and if that fails it will try the default of "ioFTPD".
#
# NOTE: You can now use "site makecert" and "site removecert [name]" to 
# manipulate installed certificates.
Certificate_Name        = ceryfikatename

# If no certificate was found at all and this is 'True' then at startup
# try to create a new certificate automatically and load it for use.
# Default is False.
Create_Certificate = True

# If undefined or 'True' the server will respond with a clear text FTP
# greeting and users will send the 'AUTH TLS' or 'AUTH SSL' commands to
# enable encryption.  If set to 'False' then assume implicit encryption which
# means negotiate TLS/SSl immediately before any text sent.  You most likely
# want to leave this with the default 'True' setting.
Explicit_Encryption     = True

# You can limit the TLS/SSL negotiation method to: SSL2, SSL3, or TLS.
# I strongly suggest leaving this undefined (the default) to support all 3
# methods.  If you do modify this you should also consider passing the
# appropriate NO_SSLv2, NO_SSLv3, and/or NO_TLSv1 options to the library
# via the OpenSSL_Options feature below.
# WARNING: This also affects data connections to/from the service.
;Encryption_Protocol     = SSL3

# You can specify any v1.0 OpenSSL option flag to modify the encryption
# library's behavior.  Arguments are separated by "|" and the "SSL_OP_" prefix
# should be left off.  The complete list of options is available at:
#  http://www.openssl.org/docs/ssl/SSL_...t_options.html
# The 2 suggested options are:
#   ALL       - enable all compatibility options to work around broken SSL
#               implementations.
#   NO_TICKET - Disable RFC4507bis tickets for stateless session resumption.
#               FlashFXP disabled this because of issues with some Java SSL
#               implementations so I figure we should do the same.
OpenSSL_Options = ALL|NO_TICKET

# You can control which ciphers are available.  Documentation is available at:
#   http://www.openssl.org/docs/apps/ciphers.html
# The default of "DEFAULT:!LOW:!EXPORT" excludes anything under 128 bits.
# NOTE: This affects both control and data connections!
OpenSSL_Ciphers = DEFAULT:!LOW:!EXPORT

# Active mode data transfers require the server to create connections to the
# user specified IP/Port.  For security reasons the server should be prevented
# from connecting back to itself or initiating connections to any machine
# behind a firewall.  By default the server will block access to the following
# non-routable private IP ranges: 10.* 172.16.* 192.168.* and the loopback
# interface 127.*.  To disable this feature entirely just specify 0.0.0.0
# as the host to block.  You may however specify a custom list of IP addresses
# or ranges using glob-style wildcards provided you don't skip any numbers
# when enumerating them via 'Deny_Port_Host_<num>'.  <num> starts at 1.
;Deny_Port_Host_1 = 127.*
;Deny_Port_Host_2 = 192.168.*.*
;Deny_Port_Host_1 = 0.0.0.0

# IDNT command restricted to use by these hosts.  You may list up to 10 IP
# addresses or hostnames (i.e. BNC_HOST_10) without skipping numbers.
# You may use wildcards.
;BNC_HOST_1 = 127.0.0.1

# List of "devices" configured above to use for data transfers, none means
# use Device_Name as data device.
;Data_Devices            =

# Traffic Balancing: use random or round robin among configured Data_Devices
;Random_Devices          = True



###############################################################################
#################################   NETWORK   #################################
###############################################################################

[Network]
# list of services (you just defined them above!) to start
Active_Services            = FTP_Service

# If Ident_Timeout set to 0 the server won't send any IDENT requests,
# in which case you'll need "*@..." for all user hostmasks or you need
# to enable the Ignore_Hostmasks_Idents option.
Ident_Timeout              = 5          # Set ident timeout (10)
Hostname_Cache_Duration    = 1800       # Seconds cached hostname is valid
Ident_Cache_Duration       = 600        # Seconds cached ident is valid (1800)

# Ignore ident portion of hostmasks.  If you set this to true then the system
# will ignore any ident difference and just examine the host/IP portion of
# the hostmask.
Ignore_Hostmask_Idents     = False      

# To be removed from the ban list a user MUST NOT attempt to connect during
# the temp ban time else he'll just keep pushing the ban farther out...
Connections_To_Ban         = 6          # 6 connections without a reset and
                                        # IP is temp banned (5)
Ban_Counter_Reset_Interval = 60         #
Temporary_Ban_Duration     = 300        # Seconds host remains banned

# Maximum time to suppress log entries for the same reason from the same IP.
# Default is 10.
;Max_Log_Suppression        = 10

# Number of minutes to increase the delay between each suppressed message
# until Max_Log_Suppression is reached. Default is 1 additional minute per.
# You can now array to get 1,2,etc messages per Max_Log_Suppression window
# which with large values means you can reduce logfile spam if needed.
;Log_Suppression_Increment   = 9

# this controls how often the socket bandwidth scheduling thread is run.  If
# you are not limiting bandwidth then this can be disabled.
# Valid values: HIGH/NORMAL/LOW/DISABLED
Scheduler_Update_Speed     = HIGH

# List of space separated wildcard IP/hosts that are immune from banning.
# NOTE: There is a difference between IP addresses and hostname masks. The
#       decision about whether to reject an address for too many connection
#       attempts (i.e. auto-ban) is made immediately after the connection is
#       established.  This means that the reverse DNS lookup to get the
#       fully qualified hostname hasn't even started yet (unless a cached
#       answer is still around and valid).  This is usually fine since you
#       obviously can't be banned on the first attempt, but if you tried 10
#       connection attempts all at the same time this might result in a ban
#       and rejection for some of them until the name finally resolves.
#       Once the name has been resolved the next connection attempt will
#       ignore and clear the temp ban.
# NOTE: 127.0.0.1 is always immune.
Immune_Hosts               = 192.168.*.*


# Permission list for user's whose IP/host masks should be immune from auto-
# banning.  Essentially this is the same as collecting up all the IP/host
# parts of the matching user's hostmasks and automaticaly specifying them as
# Immune_Hosts.  The user list and associated IP/hosts are only updated at
# startup and rehashes.
# WARNING: just one user with *@* or something similiar (or changed to that
#          later on!) will effectively turn off auto-banning and thus use of
#          this option is discouraged!
;Immune_Users               = I


# Requirements/rules for adding IP masks by the specified users.  You can
# have up to 20 consecutive entries starting at 1 which will be processed in
# numerical order with the first satisfied rule allowing the change.  If
# no rule is matched then the change is prohibited and the user shown a list
# of valid rules for them.  If Secure_Ip_1 is not defined everything is
# acceptable for backwardward compatibility.
#
# Format: <ident> <type> <min-fields> <users>
#   <ident>      = 0 -> User ident not required (*@...)
#                  1 -> User ident must be supplied (ident@...)
#   <type>       = 0 -> Only sets of numeric IPs allowed
#                  1 -> Allow fully qualified hostnames (...@hostname)
#                  2 -> Allow fully qualified hostnames that will be resolved
#                       at login time allowed (:ident@hostname).
#                  3 -> any hostname/IP (may include wildcards OR be dynamic)
#   <min-fields> = Minimum number of non-wildcard fields separated by periods.
# NOTE: A fully qualified hostname doesn't need to pass the minimum field
#       test so <type>'s 1 and 2 ignore the <min-fields> argument.
#
# Master accounts can do whatever they want, but if they don't match a rule
# the log entry and status message will indicate that a "master override"
# was used.
#
# If you want to support *@* and other such things without that message
# set this rule to match M (or whoever else) accounts instead of nobody (!*).
;Secure_Ip_1 = 0 3 0   !*

# Allow *@1.2.*.* or ident@1.2.*.* or more specific style masks
;Secure_Ip_2 = 0 0 2 G1M

# Allow ident@foo.bar.com style masks
;Secure_Ip_3 = 1 1 0 G1M

# Allow dynamic :ident@foo.bar.com style masks
;Secure_Ip_4 = 1 2 0 G1M

# Allow ident@*.bar.com style masks
;Secure_Ip_5 = 1 3 2 G1M

# NOTE: Only M accounts can set *@* with these defaults


# Maximum number of worker threads to use to resolve hosts.  If you raise
# this make sure to raise the number of Worker_Threads at the top of the
# file to a larger value to keep from creating/destroying threads.
Max_Resolver_Threads     = 2

# If a user hostmask begins with a colon ":" and is a hostname without any
# wildcards then during the login event you can control what happens.
#  undefined -> do nothing
# "NEVER"    -> do nothing
# "KNOCKED"  -> only do lookups if the user has successfully KNOCKED.
# "ALWAYS"   -> always lookup the specified hostname
Dynamic_DNS_Lookup = ALWAYS

# If Dynamic_DNS_Lookup is set to KNOCKED/ALWAYS or you are using an external
# user module then in theory someone could watch for delayed responses to
# the login command and try to statistically determine usernames.  To prevent
# this you can set this to the maximum number of seconds to randomly delay
# all responses to the login command.
;Random_Login_Delay = 5

# Set this to true to automatically disconnect connections from hosts who
# do not match any user's IP/host mask.
;Reject_Unknown_Ips       = True

# When using Reject_Unknown_Ips there is no way to even get to a login prompt
# if your IP has changed.  This can now be a common problem for people using
# dynamic hostmasks.  The solution is a very simple knock-knock system which
# will add the knocking IP to a temporary list so you can connect.
# Knocking essentially means connecting via TCP to between 1 and 5 ports in a
# short amount of time (60 seconds per).  This can easily be done in most FTP
# programs by just setting up fake ftp servers on the knock ports and trying
# to connecting in order, or by using the ioKnock GUI on windows machines.
#
# NOTE: You must connect in order!  Thus using at least 3 non-sequential ports
#       means a sequential port scan won't trigger the knock and produce a
#       prompt on the real FTP port.
;Knock_1 = 14123
;Knock_2 = 11123
;Knock_3 = 12123

# How many elements of the dotted IP address should be obscured with * in
# the logfiles.  IP=1.2.3.4 with 1 -> 1.2.3.*, 2 -> 1.2.*.*, 3 -> 1.*.*.*
# and 4 -> -hidden-.
;Obscure_IP = 2

# How many elements of the dotted hostname should be obscured with * in
# the logfiles.  NAME=baz.foo.bar.com with 1 -> *.foo.bar.com, 3 -> *.*.*.com
# and if the name is totally obscured -hidden- will be shown instead.
;Obscure_Host = 1

# Log OpenSSL library errors during transfer to Debug.log.  Default is false.
Log_OpenSSL_Transfer_Errors = True



###############################################################################
#################################   SECTIONS   ################################
###############################################################################

[Sections]
## Maximum of 25 different credit sections ##
#
# <alias> = <credit section #> <path>
# <alias> = <credit section #> <stats section #> <path>
# <alias> = <credit section #> <stats section #> <share section #> <path>
#
# <alias>            -> name to use for this path
# <credit section #> -> section number to use for looking up user's ratio
# <stats section #>  -> section number to apply up/down statistics to, if
#                       not defined then same as credit section.
# <share section #>  -> section number to add/subtract credits, if not
#                       defined then same as credit section
#
# Sections are looked up one of two ways: by path or by stats section.
# In either case the first match found by processing the entries in
# the order listed is used.  Thus the first path that matches the current
# directory determines the credit, stat, and share section numbers so
# more specific paths should come first.  When using the cookie
# %[SectionName(#)] the <alias> field of the first line with a matching
# <stats section #> is the name used.
#
# Examples:
#
# Default = 0 0 0 *
#
#   The trivial case.  Just one section defined.  Nice and simple.
#
# Movies = 1 1 0 /Xvid/*
# Movies = 1 1 0 /DVDR/*
# Default = 0 0 0 *
#
#   This server has two sections (0-1) and shows how you can have multiple
#   distinct paths be part of the same section.   Notice the 0 as the third
#   integer for all three entries.  This means that credits for up/downloading
#   are controlled by the user's section 0 credits but the ratio to apply
#   varies based on the user's associated section ratio. So if the user has a
#   1:3 ratio for both section 0 and 1 it will appear as if the server isn't
#   using sections at all since their credits will works the same anywhere.
#   However it's possible that a user could have 1:3 ratio for section 1, and
#   leech for section 0 which would mean that particular user needs credits
#   for movie downloading but can grab anything else for free.  The second
#   integer means movie up/down transfer statistics are tracked separately
#   which is particularly useful in this case with some users having leech
#   on particular sections.
#
# Games = 3 2 2 /XBOX/*
# Games = 2 2 2 /Games/*
# Movies = 1 1 0 /Xvid/*
# Movies = 1 1 0 /DVDR/*
# Default = 0 0 0 *
#
#   This setup defines four sections (0-3).  The key here is that the "Games"
#   section is actually made up of two sections that share credits distinct
#   from the rest of the server and can apply different up/down ratios based
#   on whether it's a PC game or and XBOX game.
#
# Games = 0 2 0 /XBOX/*
# Games = 0 2 0 /Games/*
# Movies = 0 1 0 /Xvid/*
# Movies = 0 1 0 /DVDR/*
# Default = 0 0 0 *
#
#   This setup is actually a really simple case.  It uses section 0 for ratio
#   and credits everywhere, but tracks up/down statistics based on path.
#   This can be rather useful information when viewing the userfile to
#   see who up/downs where.

Default = 0 0 0 *



###############################################################################
###################################   VFS   ###################################
###############################################################################
# ioFTPD uses unix-style permissions, meaning there is a user and group id
# which determines the access rights for a file or directory.  Permissions
# are specified with the standard octal numeric representation of the
# read/write/execute bits for user, group, and other.
#
# When looking at a directory listing you will see lines starting with:
#
#   drwxr-xr-x 2 user group
#   -rwxrwxr-x 1 user group
#   ^^  ^  ^
#   ||  |  |
#   ||  |  --- permissions for everyone
#   ||  ------ permissions for people in the same group as the file
#   |--------- permissions for the owner of the file
#   ---------- d for directory, - for file, l for symbolic link
#
# r = means you can read the file
# w = means you can delete/write to the file
# x = for directories means you can enter the directory.
#
# To get the numeric representation of the permission just add up the octal
# bits for each trio of permissions for owner,group, or other...
# 421
# rwx = 7
# rw- = 6
# r-x = 5 
# r-- = 4
#
#
# format: <filemode> <owner uid>:<owner gid>
#

[VFS]
# The default is to give everyone just read access to all files and
# directories and set the default owner of files to the ioFTPD account.
#
# format: <filemode> <owner uid>:<owner gid>
#
Default_Directory_Attributes    = 755 0:0
Default_File_Attributes         = 644 0:0

# If a file is manually deleted (not wiped, but specifically deleted) then
# subtract the filesize from appropriate day, week, month, alltime transfer
# stats for the user who uploaded the file.
Modify_Stats_On_Delete  = False

# The server now supports 3 modes for handling NTFS directory junctions and
# symbolic links.
#   IGNORE : Treats all directories the same which means the server isn't
#            aware of NTFS reparse points at all [old method].
#
#   SHARE  : Make the server aware of NTFS reparse points so it can just keep
#            a link to the target directory instead of a completely separate
#            directory listing in the dir cache.  This mode also allows the
#            NTFS junction/symbolic link timestamp to be updated correctly
#            because it's aware that the time we are interested in is that of
#            the target directory and not the reparse point itself.  For
#            servers with a lot of 'sorted' style links this will reduce
#            memory usage.  NTFS reparse points still show up in directory
#            listings as plain directories.  [new default for the moment]
#
#   SYMLINK: This is effectively 'SHARE' mode as far as the directory cache
#            itself is concerned.  When displaying the directory in listings
#            it should be shown as if it were an ioFTPD symbolic link to the
#            target directory.  To me this is the preferred way to view the
#            listing, however extra processing is required to determine the
#            target of the link because NTFS junctions use real directory
#            paths and the server must return a VFS path just as ioFTPD
#            symbolic links do.  Therfore a real->symbolic path converter is
#            used on the fly as the reversal is VFS mountfile dependent.
#
#  NOTE: 'SYMLINK' mode has a real advantage over 'SHARE' mode.  Because
#         the listing is clear that you are dealing with a link and not a real
#         directory you can safely and easily delete the link.  In FTP clients
#         like Flash, Rush, etc this results in a simple file delete and they
#         won't ask permission, or try, to decend into the directory and start
#         deleting it's contents so it can remove the directory itself.  This
#         is particularly important because doing so would remove the only
#         copy of the files as they are actually in the target directory.
#
#  WARNING: For the moment reverse VFS resolving used in 'SYMLINK' mode
#           requires the target directory be exported in the .vfs file else
#           it won't be reversible.
#
# NTFS junctions (which are a type of reparse point):
#   http://en.wikipedia.org/wiki/NTFS_junction_point
# NTFS symbolic links (available on Vista+ as a type of reparse point):
#   http://en.wikipedia.org/wiki/NTFS_symbolic_link
#
# IMPORTANT: If you use a script or if the server supports creating NTFS
#            symbolic links in the future please see the above symbolic link
#            article on how to enable the creation of symbolic links by
#            regular users and non-elevated admins which is something you want
#            to do for the account running ioFTPD.  NTFS junctions which are
#            what most scripts use don't seem to require special permissions.
#
# Windows Explorer in Window XP and before show NTFS junctions (it doesn't
# support NTFS symlinks) as regular directories.  In Vista+ they show up
# the same as shell shortcuts ( .lnk files) which makes them far more useful
# since you realize you are dealing with a link and unlike ioFTPD symlinks you
# can access the target directory by simply clicking on it.
# 
# IGNORE, SHARE, SYMLINK
NTFS_Reparse_Method = SYMLINK


# This safety feature only works when 'NTFS_Reparse_Method' is set to 'SHARE'
# or 'SYMLINK'.  When enabled it prevents accessing files and directories that
# are not explicitly exported via the VFS file.  Thus a NTFS junction/symlink
# to c:\Windows wouldn't work since it's unlikely you actually put that into a
# VFS file.  This is a safety feature for use with NTFS reparse points and
# doesn't effect ioFTPD symbolic links because they already had to be valid
# VFS paths and thus resolvable via the .vfs file.
VFS_Exported_Paths_Only = True



###################
### PERMISSIONS ###
###################

# These are RAW permissions.  You must have permission here to even attempt
# the indicated operation.  After this check is made the finer grained
# individual file or directory based access rights are applied.  Thus this
# section is for course grained access such as the entire /Incoming tree,
# or the entire /Pub directory, etc.
#

# Detailed permissions for directories:
#   priviledge    = <virtual path> <rights>
#
# <rights>: * -> everyone
#           - -> specific user
#           = -> specific group
#           ! -> don't allow whatever immediately follows
#           0-9,A-Z -> Matches users who have the associated user flag
#
# NOTE: Permissions are processed from start to end and the first matching
# is used.  Thus more specific rules must come before catch-alls.

# Here's an example of a generally Read Only server with a /Incoming
# directory that allows regular users (the 3 flag) to upload just
# to directories under /Incoming.  If you want people to be able to
# upload anywhere just change /Incoming/* to /*.  
Upload          = /Incoming/* 31VM
Resume          = /Incoming/* 31VM
MakeDir         = /Incoming/* 31VM
RemoveDir       = /Incoming/*  1VM
RemoveOwnDir    = /Incoming/* 31VM
Rename          = /Incoming/*  1VM
RenameOwn       = /Incoming/* 31VM
Overwrite       = /Incoming/*  1VM
Delete          = /Incoming/*  1VM
DeleteOwn       = /Incoming/* 31VM

# This defines everything else as Read Only for regular users.
Upload       = /* 1VM
Resume       = /* 1VM
MakeDir      = /* 1VM
RemoveOwnDir = /* 1VM
RemoveDir    = /* 1VM
Rename       = /* 1VM
RenameOwn    = /* 1VM
Delete       = /* 1VM
DeleteOwn    = /* 1VM

# nobody can overwrite a file, they must delete it and resend
Overwrite    = /* !*
NoStats      = /* !*

# nobody can modify the timestamp of files
TimeStamp       = /* !*
TimeStampOwn    = /* !*

# anybody can download anything...
Download     = /* *

#NoFxpOut    = /* *
#NoFxpIn     = /* *



[Virtual_Dirs]
# <path> = [ "<perm>" ] TCL <script>
# NOTE: <path> must be absolute (start with a /) and can't be the root dir '/'
# NOTE: <perm> is an optional flag-style permission string that acts like the
#       hidden/private directory feature and controls who can see the dir.
# NOTE: Virtual dir changes cannot be rehashed, you must restart the server.
# See Changelog for documentation on arguments passed to the script.
# If you use nxTools, copy the nxSearch.itcl file from the /source directory
# into the /scripts directory and uncomment this line for a simple search
# feature.
;/Search = TCL ..\scripts\nxSearch.itcl



[VFS_PreLoad]
# By default the server now preloads all the directories used as mountpoints
# in the default VFS file indicated by [Locations]/Default_Vfs.  If you want
# additional directories loaded include lines here with the form:
#   <depth-to-descend> = <starting-VFS-path>
# A depth of 1 just means the directory itself, 2 would be the dir and all
# its immediate subdirs, etc.

# If you wish to resolve all paths defined here using a VFS file other than
# [Locations]/Default_Vfs then define a line like "VFS = <vfs-file>".
# To completely disable preloading specify the name as 'DISABLE'.
;VFS = DISABLE

# If you wish the server to finish preloading all these directories before
# accepting connections, define the line "DELAY = TRUE".  This is useful
# if you mount lots of networked folders with large fanouts and it takes
# minutes to load them all and the client would time out the initial directory
# listing.  On the other hand, ioGUI will be unable to connect at startup.
;DELAY = TRUE


###############################################################################
###########################   FTP CUSTOM COMMANDS   ###########################
###############################################################################

[FTP_Custom_Commands]
# define new "site" commands here!
#
# SITE <trigger> [%^]<parameters>
#
# trigger = !file                     # Show file
# trigger = @string                   # Alias
# trigger = EXEC script.exe [<args>]  # Execute file.exe with optional args
# trigger = TCL script.itcl [<args>]  # Execute file.itcl with optional args
# trigger = %EXEC/TCL ... [<args>]    # translate cookies found in args
# trigger = ^<parameters>             # Override option: Process as above, but
#                                       do NOT execute any built-in site
#                                       command of the same name as trigger.
#
## Examples
# welcome       = !..\text\ftp\welcome.msg
# rehash        = @config rehash
# exec          = EXEC ..\scripts\exec.bat
# myinfo        = %TCL ..\scripts\whoami.itcl %[$user]
# cat           = TCL ..\scripts\showfile.itcl
#

## Aliases
alldn   = @stats alldn
allup   = @stats allup
daydn   = @stats daydn
dayup   = @stats dayup
monthdn = @stats monthdn
monthup = @stats monthup
wkdn    = @stats wkdn
wkup    = @stats wkup
rehash  = @config rehash
free    = @freespace

# ioGUI
ioGuiExt    = TCL ..\scripts\ioGuiExt.itcl
#ioGuiExt    = EXEC ..\scripts\ioGuiExt.exe



###############################################################################
#############################   FTP PERMISSIONS   #############################
###############################################################################
#
# Permissions take the form throughout
# <rights>: * -> everyone
#           - -> specific user
#           = -> specific group
#           ! -> don't allow whatever immediately follows
#           0-9,A-Z -> Matches users who have the associated user flag
#
# The builtin user flags are:
#   'M' - MASTER
#   'V' - VFS ADMINISTRATOR
#   '1' - SITEOP
#   'G' - GROUP ADMIN RIGHTS
#   'F' - FXP DENIED (DOWNLOAD)
#   'f' - FXP DENIED (UPLOAD)
#   'L' - SKIP USER LIMIT PER SERVICE
#   'A' - ANONYMOUS
#
# Conventions for other user flags:
# '3' - Regular users (the default for ioGUI created users)


[FTP_Command_Permissions]
# Control access to builtin (non "site") commands.
;noop = !Z *


[FTP_SITE_Permissions]
# Control access to "site" commands.

addip             =   G1M
adduser           =   G1M
bans              =    1M
chattr            =    VM
chgrp             =    1M
chmod             =  GV1M
chown             =    VM
close             =    1M
color             =  !A *
config            =     M
crashnow          =     M
delip             =   G1M
deluser           =   G1M
devices           =     M
dircache          =   1VM
findip            =    1M
freespace         =  !A *
gadduser          =   G1M
ginfo             =   G1M
groups            =   G1M
grpadd            =    1M
grpdel            =    1M
grpren            =    1M
grprevert         =    1M
help              =     *
ioverify          =     M
ioversion         =    1M
kick              =   G1M
kill              =    1M
knock             =  !A *
loadsymbols       =     M
makecert          =     M
myinfo            =  !A *
open              =    1M
passwd            =  !A *
perms             =  !A *
purge             =   G1M
readd             =   G1M
refresh           = 3GV1M
removecert        =     M
renuser           =    1M
sectionnum        =  !A *
services          =     M
shutdown          =     M
size              = 3GV1M
stats             =  !A *
swho              =    1M
symlink           = 3GV1M
tagline           =  !A *
uinfo             =   G1M
uptime            =  !A *
users             =   G1M
who               =  !A *




# aliases
rehash            =     M
alldn             =  !A *
allup             =  !A *
daydn             =  !A *
dayup             =  !A *
monthdn           =  !A *
monthup           =  !A *
wkdn              =  !A *
wkup              =  !A *
free              =  !A *

# ioGUI
ioGuiExt          =    M



[Change_Permissions]
admingroup        =    1M
credits           =    1M
DnSpeed           =    1M
Expires           =   G1M
flags             =    1M
groupdescription  =    1M
groupslots        =    1M
groupvfsfile      =     M
homedir           =   G1M
LimitPerIp        =    1M
logins            =    1M
MaxDownloads      =    1M
MaxUploads        =    1M
Opaque            =    1M
passwd            =   G1M
ratio             =   G1M
stats             =     M
speedlimit        =    1M
tagline           =   G1M
UpSpeed           =    1M
vfsfile           =     M



###############################################################################
###################################   FTP   ###################################
###############################################################################
# For idle settings I suggest either:
#   Idle_TimeOut = 360
#   Idle_Ignore  = NOOP
#
# Or something along the lines of
#   Idle_TimeOut = 600
#   Idle_Ignore  = NOOP CWD PWD LIST NLST STAT PASV
# In this case if the user hasn't actually done something besides wander
# around the filesystem looking at directories he/she is disconnected.

[Ftp]
# String to return for %[SITENAME] message cookie which is used to customize
# messages seen by the user for your site.
Site_Name               = ioFTPD

Idle_TimeOut            = 360           # no activity timeout -> auto logout
# These commands don't reset the idle counter
Idle_Ignore             = NOOP
# permission flag to specify users who should be immune from the idle timer
Idle_Exempt             = -ioFTPD
Login_Attempts          = 3             # attempts before forced disconnect
Login_TimeOut           = 15            # disconnect user who hasn't managed
                                        # to login within this many seconds

# This is the default size (it grows if needed) for internal buffering.
# It probably should be a multiple and at least as large as the data
# socket send size.  Since internal buffers are used for directory listings
# it should be larger than the space needed for the largest single directory
# listing to avoid growing it.  32k min.
Transfer_Buffer         = 131072

# This is the size of the TCP send/receive socket buffers.  Because TCP
# advertises these values as part of the TCP protocol they can affect
# performance.  Slow and/or poor quality connection should use small
# buffer sizes since retransmition of dropped packets involves resending
# or receiving all the data over again from the first lost byte...
# High speed / high quality connections achieve better performance with
# larger values.  The max is 64k.  As an example FlashFXP uses 8k send
# and 32k recv.  If you aren't maxing out your bandwidth on a try adjusting
# these upwards.
DataSocket_Send_Buffer  = 32864
DataSocket_Recv_Buffer  = 32864
# This is the size of the send/receive socket buffer for the command channel
# which usually never gets much bulk use.  An exception would be clients who
# use "stat -l" to list directories.  In that case for the send value use the
# datasocket send buffer size.
Socket_Send_Buffer      = 4096
Socket_Recv_Buffer      = 1024
DataSocket_Nagle        = False

# Set this permission flag to enable the -R option to LIST.  Users asking
# for a larger number of directories to be listed can be time consuming and
# resource intensive.  For larger servers you may wish to enable this only
# for admins and/or a script to generate a listing every few hours and drop
# it into the root directory for people to download.
Allowed_Recursive       = *

# in xferlog hide the hostname field of the transfer entry, (default=false)
;Hide_Xfer_Host          = True

# Set this to True to prevent ioFTPD from computing the size of files in
# subdirectories whenever you CWD into a directory or LIST one.
;No_SubDir_Sizing         = True

# Set this to false if you don't have an onUploadComplete event or the
# script/executable you are using ignores the computed value.
Compute_CRC              = True

# Users matching this expression will be allowed to login to a "closed"
# server.  Permission style format: [-user, =group, FLAG, !thing, ...]
# Defaults to "M" if undefined.
Close_Exempt             = 1M

# Users matching this expression will be hidden from "site who".  Users style
# format: [user, username*, =group, .FLAG, !thing, ...]
;Who_Hidden_Users         = sitebot

# Paths matching these expressions will be replaced with <hidden> in "site
# who".  Format is Who_Hide_Path_N = /path/*, etc.  Limit of 20 paths.
;Who_Hidden_Paths_1       = /PRE/*

# Set this to True to display "Your IP/hostname is not authorized" instead
# of the generic "Invalid Password" error message if a user tries to login
# to an account but doesn't match any of the hostmasks.
;Show_HostMask_Error      = True

# String to display via the %[ratio()] cookie when user's ratio is 0.
# Change requires restart to pick up new value, default is "Leech".
# NOTE: site uinfo/myinfo special cases the default (Leech) to display in
#       an aligned column, or you can use up to 9 chars and it displays in
#       it's own wider column.  Greater than 9 and you'll need to modify the
#       [UserInfo, MyInfo].Section files to format it properly.
;LeechName = Unlimited

# ioFTPD used to always resolve symbolic links when it came across them.  This
# is faster, but doesn't work well with pure virtual directories and with
# 'sorted' style dirs.  By default the server will now keep symbolic links
# in the user's current path, but will continue to also track the fully
# resolved path for permission checking, script use, etc.  I think users will
# find this more intuitive.  Note: change takes effect only for new logins.
#   /sorted/dir1 -> /movies/dir1
#   CWD /sorted/dir1
#   Disabled: PWD => /movies/dir1, CDUP => /movies
#   Enabled : PWD => /sorted/dir1, CDUP => /sorted
#
# NOTE: The shared memory CLIENT structure which is essentially unchanged
#       since v5 continues to use the fully resolved path.  This may cause
#       some issues when used by some EXEC scripts that process user input
#       that contain relative links if this option is enabled.
Keep_Links_In_Paths       = True

# Enable the ADD, DELETE, INSERT, REPLACE, and SAVE options of the 
# 'site config' command.
Enable_Config_Commands = False

# Enable the placement of additional information into the ONLINEDATA shared
# memory structure that doesn't affect the alignment of any existing fields.
# If 3rd party shared memory EXEC scripts or dlls incorrectly display the
# transfer status then disable this option and see if that fixes the problem.
OnlineData_Extra_Fields = True

# The MDTM command can be used to modify the timestamp of files and the access
# checks 'TimeStamp' and 'TimeStampOwn' cover the usual cases, however you
# may wish to allow users to modify the timestamp of the last file uploaded
# even if those checks fail.  The main reason this is useful is when
# zipscripts remove +w access from an uploaded file that was verified and/or
# modify the owner of the file.  In both those cases the normal checks would
# fail.  It's also somewhat useful if the zipscript doesn't modify anything
# but you don't wish the user to change the timestamp later on, but don't mind
# them doing it right after upload.  There isn't any other way to express
# that.  The default is FALSE which disallows the exception.
;Enable_TimeStamp_On_Last_Upload = TRUE


# Number of seconds between network events (send or receive of bytes) before
# a data channel transfer should be timed out.  Default is 2 minutes.
Data_Timeout = 120

# You can modify the behavior of the 'site chmod' command.  Master accounts
# can do anything under any setting so are not mentioned.
# Default  : Require +w to parent of item being modified, and non-VFS admins
#            must own the item being modifed.
# WriteOnly: Require +w to parent of item being modified (no owner check).
# NoChecks : Can modify anything provided you can see it.
# The 'Default' setting is the original behavior and the default.
Chmod_Check = WriteOnly

# These definitions are run through the message cookie parser and used in
# the header or footer of site/help commands that contain a bounding box
# around the output (like 'site who').  Size must be under 40 chars.
Site_Box_Header     = %[SAVE]%[THEME(BOX)]%[T(1)][ %[SITENAME] - %[SITECMD] ]%[RESTORE]
Site_Box_Footer     = %[SAVE]%[THEME(BOX)]%[T(1)][ %[SITENAME] - %[SITECMD] ]%[RESTORE]

Help_Box_Header     = %[SAVE]%[THEME(BOX)]%[T(1)][ %[SITENAME] Help ]%[RESTORE]
Help_Box_Footer     = %[SAVE]%[THEME(BOX)]%[T(1)][ %[SITENAME] Help ]%[RESTORE]



###############################################################################
##################################   HELP   ###################################
###############################################################################
#
# List of .ini formatted help files to use when looking up site commands.
# The first argument is a list of FLAGS (no user or group specifications!) or
# "*" for everyone, that the user asking for help must match for that file to
# be searched through.  3rd party addon scripts designed for use only by
# SiteOps or other priviledged users may find this an easy way to prevent the
# server from searching/display info in the help file.
# The second argument is the name/path to the file and are relative to the
# current working directory of ioFTPD.
#
# When information about a specific command (or general topic) is requested
# the following steps are performed:
#   1) Verify permissions for the command, if permissions were found and the
#      user is not authorized then reject the request.  Topics will not have
#      permission information and will thus not be rejected.
#   2) Lookup command/topic by name going through each file listed here in
#      order that the user has permission to search.  If a match is found then
#      process it and return.
#   3) If lookup failed, check to see if command is an alias, if so then
#      print a little "alias -> cmd [args]" line pointing the user in the
#      right direction for getting help on it.
#   4) Lookup "NOT_FOUND" by name going through each file listed here in order
#      and that the user has permission to search.  If a match is found then
#      process it and return.
#
# The text extracted from the .ini file is passed through the normal message
# cookie processor so color/themes are available for formatting the output
# and dynamic information about server configuration or user settings may be
# examined or displayed.  
#
# For complete details see doc/Helpfiles.txt.

[Help]
* = Help-SiteCmds.ini
;* = Help-nxTools.ini
;* = Help-ioNiNJA.ini



###############################################################################
################################   LOCATIONS   ################################
###############################################################################
#
# locations are relative to the current working directory of ioFTPD.
# these relative paths presume that ioFTPD has been launched from the
# system\ directory in the ioFTPD folder.
#

[Locations]
User_Id_Table   = ..\etc\UserIdTable
Group_Id_Table  = ..\etc\GroupIdTable
Hosts_Rules     = ..\etc\Hosts.Rules

User_Files      = ..\users
Group_Files     = ..\groups
Log_Files       = ..\logs

Default_Vfs     = ..\etc\default.vfs
Environment     = ..\etc\ioftpd.env

# Path to directory to create CRASH-Log.txt, MINIDUMP* and TINYDUMP* files.
# If this is not defined, doesn't point to a valid directory, or a crash
# occurs during initial startup then the directory where ioFTPD.exe is
# located is used.
;Crash_Dir    = ..\logs

# If True then only generate the CRASH-Log.txt file and the TINYDUMP* file.
# TinyDump's are several hundred K, whereas MiniDumps are several MBs if
# using dbghelp.dll v6.2+ (or tens of MB if using the default XP dll).
;TinyDump_Only    = True

# When writing stack backtrace information to CRASH-Log.txt it's nice to
# see correct function names instead of just addresses.  Tiny/Minidumps
# can always retrieve the correct information.
#
# With no help the stack trace for the original thread in ioFTPD looks like:
# ID: 3708  [00130000-0012fe94]
#  # 1: 7C90EB94 -> [ntdll + DB94] ? KiFastSystemCallRet() + 0x0
#  # 2: 00416B50 -> [ioFTPD + 15B50]
#  # 3: 00443219 -> [ioFTPD + 42219]
#  # 4: 7C816FD7 -> [kernel32 + 15FD7] ? RegisterWaitForInputIdle() + 0x49
#
# If the ioFTPD.pdb, tcl84t.pdb, etc files are in the directory where
# ioFTPD.exe is run from then function names and line numbers can be
# displayed for those files. Resulting in:
#
# ID: 1212  [00130000-0012fe94]
#  # 1: 7C90EB94 -> [ntdll + DB94] ? KiFastSystemCallRet() + 0x0
#  # 2: 00416B50 -> [ioFTPD + 15B50] ProcessMessages() + 0x40
#           [c:\projects\ioftpd6\6.3.0\src\internalmessagehandler.c, line 106]
#  # 3: 0041A2E0 -> [ioFTPD + 192E0] CommonMain() + 0x30
#                    [c:\projects\ioftpd6\6.3.0\src\main.c, line 250]
#  # 4: 0041A723 -> [ioFTPD + 19723] WinMain() + 0x273
#                    [c:\projects\ioftpd6\6.3.0\src\main.c, line 390]
#  # 5: 00443219 -> [ioFTPD + 42219] __tmainCRTStartup() + 0x177
#                    [f:\sp\vctools\crt_bld\self_x86\crt\src\crt0.c, line 324]
#  # 6: 7C816FD7 -> [kernel32 + 15FD7] ? RegisterWaitForInputIdle() + 0x49
#
# The ? indicates dll's that do not have loaded debugging info and thus the
# name printed is the first previous exported symbol which is often correct
# for the entry point into a library but usually wrong after that.
#
# With system symbol searching enabled the same stack looks like:
# ID: 364   [00130000-0012fe94]
#  # 1: 7C90EB94 -> [ntdll + DB94] _KiFastSystemCallRet@0() + 0x0
#  # 2: 7E4191BE -> [USER32 + 81BE] _NtUserGetMessage@16() + 0xC
#  # 3: 00416B50 -> [ioFTPD + 15B50] ProcessMessages() + 0x40
#           [c:\projects\ioftpd6\6.3.0\src\internalmessagehandler.c, line 106]
#  # 4: 0041A2E0 -> [ioFTPD + 192E0] CommonMain() + 0x30
#                    [c:\projects\ioftpd6\6.3.0\src\main.c, line 250]
#  # 5: 0041A723 -> [ioFTPD + 19723] WinMain() + 0x273
#                    [c:\projects\ioftpd6\6.3.0\src\main.c, line 390]
#  # 6: 00443219 -> [ioFTPD + 42219] __tmainCRTStartup() + 0x177
#                    [f:\sp\vctools\crt_bld\self_x86\crt\src\crt0.c, line 324]
#  # 7: 7C816FD7 -> [kernel32 + 15FD7] _BaseProcessStart@4() + 0x23
#
# Notice that even the number of stack frames is incorrect without access
# to the .pdb file for optimized code.
#
# The best way to solve this is to allow ioFTPD access to system .pdb files
# through a symbol store.  Basically you just define a local cache directory
# and then enable the downloading of missing .pdb files from MS itself which
# makes them available for just this purpose.
# This is usually done through the environmental variable _NT_SYMBOL_PATH.
# I don't like this for two reasons.  The first is ioFTPD might be running as
# a service which makes specifying this tricky, and the second is there is
# really no reason to lookup for a symbol file that doesn't exist more than
# once (i.e. most 3rd party .dll's loaded such as php4ts.dll).
#
# The command "site LoadSymbols" will CRASH ioFTPD much like "site crashnow"
# does except it will force the resolving of all modules and display
# additional information such as the path to the debugging files found.
# I suggest you set Symbol_Path to download symbols from MS, issue "site
# LoadSymbols", then reset Symbol_Path to just examine the local cache so it 
# won't attempt connections again.  Before it attempts to contact MS the
# first time you should get a popup-box asking for permission along with the
# relevant legal crap.
#
# Symbol_Path is specified exactly like _NT_SYMBOL_PATH.  The ioFTP.exe
# directory is automatically prepended and this is used as the complete
# and final path to search.
#
# Examine just our locally cached symbols
;Symbol_Path     = c:\MySymbols
# Download debugging information from MS and store it locally
;Symbol_Path     = srv*c:\MySymbols*http://msdl.microsoft.com/download/symbols



###############################################################################
#################################   THREADS   #################################
###############################################################################

# This section heavily based on a post by darkone.
#
# Here's a brief explanation, that explains what threads do, but doesn't
# explain their relationship with other threads, such as timer or socket
# scheduler.
#
# I/O threads are used exclusively for I/O activity so everything besides
# I/O related actions are handled in other threads.  Since I/O threads are
# set to run at a higher priority than other threads in the process this
# ensures that performance is not limited by non-I/O related activity.
#
# Encryption threads are used exclusively for encryption, decryption and
# integrity checking (crc calculations).  Data is dispatched from I/O threads
# to encryption threads, in a continous stream.  Which means, there's lots of
# interactions betweens these two types of threads.  
#
# Worker threads handle almost everything else. Timer jobs (timer is managed
# in another thread), client input parsing (yes, I/O threads do not parse
# input themselves), client command responses, scripts, etc... This pool is
# the only pool that has dynamic size, and dynamic priorities (pool might
# temporarily grow beyond the specified limit, to ensure that jobs are
# scheduled in-time).  The size of this pool is something you should
# increment, if your site relies heavily on scripts.
#
# Suggested value for I/O threads, is 2x number of logical cpus.
# Suggested value for worker threads on site that runs lots of scripts,
# is ~half of max users online.
# Suggested value for encryption threads, is number of logical cpus.
# 
# Optimal settings vary per system configuration (logical cpus) and use of
# daemon (large anonymous server, private server, private encrypted server).

[Threads]
# Process base priority: Idle/Normal/High/Realtime (Normal is default)
Process_Priority        = NORMAL
Io_Threads              = 2             # Number of io threads (2)
Worker_Threads          = 5             # Number of worker threads. (5)
Encryption_Threads      = 2             # Number of encryption threads (1)

# the window name, used by third party scripts and services to communicate
# with ioFTPD.  the default is fine unless you are running two copies of
# ioFTPD.
WindowName              = ioFTPD::MessageWindow

# FTP clients often impose a timeout (usually 2 minutes or so) on receiving
# a response from the server to an issued command.  Some events take a long
# to complete and fail to provide some sort of output every minute or so.
# As a workaround you can now have the server output a single line to keep
# the client happy if nothing has been sent to the user within the last 90
# seconds.  If not defined then this feature is disabled.  The default text
# output is the default prefix for the event, but if not defined or is
# empty this text will be used.
Keep_Alive_Text = 200-

# Create TCL interpreters ahead of time instead of on demand.
Create_Tcl_Interpreters   = TRUE

# Log creation/deletion and force finalization for interpretters.  Requires
# Create_Tcl_Interpreters be enabled to force deletion/finalization after a
# rehash, BUT actually disables the creation ahead of time feature.
Debug_Tcl_Interpreters    = FALSE

# Track thread deletions
Log_Exiting_Worker_Threads = TRUE

# When this feature is enabled the server spawns a companion process
# 'ioFTPD-Watch.exe'.  If the server detects that the DLL loader lock has
# gotten stuck and it is therefore unable to exit it will signal the watcher
# to forcefully terminate the server.  The watcher may also kill the server
# if it fails to signal it's alive at least once every minute.  This feature
# also makes the server attempt to connect to all active services every
# minute and if that fails 3 times in a row it will try to exit gracefully.
# If it can't exit the ioFTPD-Watch process will time it out and terminate it.
# NOTE: ioFTPD-Watch.exe output goes to the [$Log_Files]\Watch.log file.
;Restart_On_Deadlock        = TRUE



###############################################################################
#################################    FILE    ##################################
###############################################################################

# Directory caching involves hashing the full directory name to get the bucket
# to search and then binary searching an ordered array.  Previously the number
# of buckets was fixed at 8 and the default was 1000 entries per bucket.  I
# prefer more memory use but faster performance so have made the number of
# buckets an option...

[File]
MessageCache_Size       = 500           # Number of .message files to cache
                                        #   (min 75, default 100)
DirectoryCache_Buckets  = 100           # Number of buckets to use (min 5)
DirectoryCache_Size     = 1000          # Number of directories per bucket
                                        # (min 100)
Device_Concurrency      = 5             # Maximum simultanous io operations
                                        # per device (min 1, default 5)



###############################################################################
#################################   MODULE   ##################################
###############################################################################
# modules are used to control internal behaviour of ioFTPD.
# this interface is poorly documented at the moment and probably broken.
[Modules]
;MessageVariableModule  = ..\modules\cookie.dll
;UserModule             = ..\modules\networkuser.dll
;GroupModule            = ..\modules\networkgroup.dll
;EventModule            = ..\modules\eventmodule.dll



###############################################################################
################################   SCHEDULER   ################################
###############################################################################
# Scheduler
#
# Event = <minutes> <hours> <day of month> <day of week> Command
#           0-59     0-23       1-31        0(Sunday)-6
#
# The specification is very similiar to syntax of the unix crontab file and
# thus permits you to specify * to match anything and to specify multiple
# values separated by commas.
#
# The only tricky thing is the hours field which needs to be specified in
# UTC (GMT without daylight savings) and thus specifying events to run
# at midnight depends on where you are running the server.  For example
# if you are located in the CET timezone, to run an event at midnight local
# time you would use
#  event-name = 0 22 * *
# because the difference is -2 hours.
#
#
# Internal Commands:
#
# &Reset          : Resets upload/download counters
# &ConfigUpdate   : Reloads devices and Restarts services, if bind ip
#                   of service has changed
#

[Scheduler]
# every day at midnight UTC reset up/down counters
Reset           = 0 0 * *                  &Reset
# every 10 minutes restart services to check for IP updates
ConfigUpdate    = 0,10,20,30,40,50 * * *   &ConfigUpdate


[Reset]
WeeklyReset     = Sunday
MonthlyReset    = 1st



###############################################################################
#################################   EVENTS   ##################################
###############################################################################

# Event = !file                     # Show file
# Event = EXEC file.exe [<args>]    # run file.exe with optional args
# Event = TCL script.itcl [<args>]  # run script.itcl with optional args
# Event = %EXEC/TCL ... [<args>]    # translate cookies found in args

[Events]
# NOTE: You can list more than one event and all will be called, see
#       the file doc\Events.txt for a list of all events and the arguments
#       they are called with.
OnClosedKick		= !..\text\ftp\ServerClosing
OnClosedLogin		= !..\text\ftp\ServerClosed
OnDeletedKick		= !..\text\ftp\DeletedKick
OnExpiredKick		= !..\text\ftp\ExpiredKick



[FTP_Pre-Command_Events]
# Pre commands are run before the actual FTP command of the same name is
# executed.  You can have more than 1 event run per command but ALL must
# succeed in order for the real FTP command to be run.
;list =
;stor =
;mkd  =
# etc...

[FTP_Post-Command_Events]
# These are called after the real command successfully completed.

Last edited by kathorga; 04-16-2011 at 07:25 AM.
kathorga is offline   Reply With Quote