FTP Proxy - Sample configuration file
### Java FTP Proxy Server ### configuration file #The port on which the proxy should listen for incoming #connections. The default is 8089. Note that in earlier #versions this parameter was named "port". #bind_port=8089 #If your computer has more than one network interface and #you only want it to accept connections on one you should #insert the IP-address or hostname of the interface you #wish to use here. #bind_address=123.45.67.89 #If you want the IP-address returned by the proxy in #response to a PASV command, insert the IP-address or #hostname here. #This can be used to provide external access to a ftp #server behind a NAT firewall or through SSH tunnelling. #masquerade_host=127.0.0.1 #If you want the proxy to act as a transparent gateway to #an FTP server on some other computer, then set auto_host #to the IP-address or hostname of that computer here. #If you wish to connect to a port other than the default #port (21), you should set auto_port as well. #auto_host=host.domain.tld #auto_port=21 #If you do not want the proxy to act as proxy for hosts #other than auto_host, you should set only_auto to 1. The #default value is 0. #only_auto=1 #If you need the proxy to connect to some (or all) hosts #using passive mode (e.g. if the proxy runs behind a #NAT'ed firewall), you can specify these here. Note: this #only concerns traffic between the proxy and FTP servers. #Whether to use passive mode between the client and the #proxy is determined by the client. #If neither use_passive nor use_active is set, all #connections are made in active mode. If only use_passive #is set, all connections are made in active mode, except #connections to the hosts mentioned in use_passive. #If only use_active is set, all connections are made in #passive mode, except connections to hosts mentioned in #use_active. If both use_passive and use_active are set, #all connections are made in passive mode, except #connections to hosts mentioned in use_active but not in #use_passive. #If you want all connections to be made in passive mode, #you should specify an empty string for use_active (it #should not be commented out). #The format of the settings is a comma-seperated list of #IP-addresses/subnets. These may be formatted as either #a single IP-adresse, e.g. 123.45.67.89, or as a subnet #written like either 123.45.67.89/255.255.254.0 or #123.45.67.89/23. #use_active=192.168.0.0/16,172.16.0.0/12,10.0.0.1/8,127.0.0.1 #use_passive= #When using passive mode between the client and the proxy #and when using active mode between the proxy and the #server, the proxy chooses a port number to listen for #data connections. If this port number cannot be chosen #freely, e.g. due to firewall limititations between the #client and the proxy or proxy and the server, you can #here specify a list of ports that may be used when #listening for data connections from the server and the #client respectively. #Note that these port ranges are only used when the #proxy is _listening_ for data connections, i.e. not #when running in active mode between the client and the #proxy or in passive mode between the proxy and the #server. #The format is a comma-seperated list of port numbers or #port ranges written in the format xxxx-yyyy inclusive. #Note that some servers will refuse to connect to #privileged ports, i.e. port numbers < 1024. #If only one port is specified, a slightly different #technique for binding is used. Hence if you have only #specified a few ports, you might experience better #results if you only specify one. However, you cannot #have more simultaneous connections than there are ports #available. #server_bind_ports=1111,2222-3333,4444-5555 #client_bind_ports= #If you want to use the proxy with your webbrowser you #need to enable URL syntax. However, this might cause #trouble using the proxy by means of a regular FTP client #in the (unusual) event that you have a username #containing an asterix. The default value is 1. enable_url_syntax=1 #For debugging purposes, this option makes the proxy #dump the network dialogue to the standard output. #output_debug_info=1 ### ACCESS CONTROL #Using deny_from and allow_from you can restrict which #clients are allowed to connect to the proxy. Using #deny_to and allow_to you can restrict which hosts clients #are allowed to connect to. #If neither deny_from nor allow_from is set, everybody is #allowed to connect. If only deny_from is set, everybody #is allowed to connect, except those mentioned in #deny_from. If only allow_from is set, only the clients #mentioned in allow_from are allowed to connect. If both #deny_from and allow_from are set, only clients that are #mentioned in allow_from but not in deny_from are allowed #to connect. #The same logic applies to deny_to and allow_to. #The format is the same as for use_passive and #use_active. #deny_to=192.168.0.0/16,172.16.0.0/12,10.0.0.1/8,127.0.0.1 #deny_from= #allow_to= #allow_from= ### MESSAGES #If you want another message to be sent to the client #upon connect, you should write it here. If only_auto is #set to 1, the message of the "auto FTP server" will be #used instead. Defaults to "Java FTP Proxy Server (usage: #USERID=user@site) ready." #msg_connect= #Message to send to the client if access is denied dut to #the settings of deny_from and allow_from. Defaults to #"Access denied - closing connection." #msg_origin_access_denied= #Message to send to the client if access is denied due to #the settings of deny_to and allow_to. Defaults to #"Access denied - closing connection." #msg_destination_access_denied= #Message to send if the client does not supply a username #of the the form user@site syntax and no auto_host is #specified. Defaults to "Incorrect usage - closing #connection." #msg_incorrect_syntax= #Message to send to the client in event of an unhandled #exception. The default is "Internal error, closing #connection." #msg_internal_error= #Message to send to the client if masquerade_hostname cannot #be resolved. Defaults to "Unable to resolve address for #|masqueradeHostname| - closing connection." #msg_masqerade_hostname_dns_error=