Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 21st July 2006, 20:29
formermsftie formermsftie is offline
Junior Member
 
Join Date: Jul 2006
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Need help with unique proftp config

This is longwinded, please forgive me.

I have recently converted from the dark side and I have setup a new/old Dell 2550 server with proftpd 1.3.0-4 running on CentOS 4.3, for FTP. I am just learning proftp and need some assistance with a unique config.

I am trying serve up hundreds of very large architectural drawing files for multiple construction projects. Each project has it's own project number (ex. pj12345) and each project will have many drawings.

I want to allow only subcontractors who are chosen for a specific project to download those respective drawings. These aren't confidential docs but I just don't want hundreds of subs changing dirs and downloading other drawings which will use up bandwidth. We have over 100 given subs at any one time so instead of managing hundreds of user accounts or 30+ project user accounts, I want to provide anonymous access with a twist.

If I create a folder for each project, I want an anonymous user to be able to go to ftp.server.com/proj12345 and I want them to be able to see and download the files in that folder, but not see or change folders to any other project.

If they just go to ftp.server.com, I want everything to be hidden. Basically, I guess I want to "pseudo-jail" them so that once they get to that respective project folder, they can see/get any drawing file but that's all they can see. I guess I can deny 'cd' so they don't get out since no project folder will have subfolders. If they can't see other folders they won't try to cd to them.

I want to allow an internal local user to upload files to this server but I do not want anonymous users to upload/change anything. I've got a basic anony ftp working with download so I'm 1/2 way there.

Also, I have this server inside our ISA 2004 firewall using server publishing (port forwarding) but it is not in a DMZ. I know, I know. ISA is pretty solid but I have also enabled and configured the firewall on the ftp box to only allow ssh, ftp and ssl webmin with a dif port - ya know, since i'm a rookie.

Would it be wise to open a port with Samba so the internal/local user can get to the ftp folder to upload files, or should I just go ahead and put this puppy in a DMZ and make a local account with no chroot jail and allow write perms to the ftp folder so they can put the files to it?

Remember, I'm a transitional windows guy, so if this is crazy talk, just smack me.

Thanks a zillion.

Eric
Reply With Quote
Sponsored Links
  #2  
Old 22nd July 2006, 17:49
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
 
Default

This guide should get you started: http://www.howtoforge.com/proftpd_mysql_virtual_hosting

Quote:
Originally Posted by formermsftie
Would it be wise to open a port with Samba so the internal/local user can get to the ftp folder to upload files
You need to open ports 20 and 21, but no Samba ports. FTP != Samba
Of course, you could also put the server into your DMZ, in that case you don't need to forward ports.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Needing to restart proftp weekly? dabro General 1 20th June 2006 14:48
Problem with the apache (I can't start ist) M.Behrens Installation/Configuration 11 31st March 2006 11:48
The config of webmail/pop3 make me crazy!!! :( Spektro Installation/Configuration 7 14th December 2005 15:33
Can't access System config / Settings section Spektro Installation/Configuration 1 9th December 2005 16:31
Config file templates till Developers' Forum 0 31st July 2005 00:10


All times are GMT +2. The time now is 19:02.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.