In this article I will go over the process of installing ProFTPD so that we can enable FTP support on our ZFS file shares. The reason why I decided to create this article was because I have multiple network adapters on my server and I wanted my network shares to be accessible via FTP on multiple IP addresses. Getting this to work entailed manually modifying some of the configuration parameters. Let’s go ahead and get started.

By default, ProFTPD is not Installed within OpenIndiana or OmniOS. You can install the add-on by using the following command:

"wget -O www.napp-it.org/proftpd | perl"

001

This add-on will work for versions of napp-it 0.9e and up. Once you have the add-on installed you can create a ZFS file share or enable it on an existing file share. To do this you want to head over to the “ZFS FileSystems” tab in napp-it

002

In your list of file shares you want to click on the FTP column for the share that you will be enabling FTP access on.

003

My “Data/Files” share is what I will be using for the example below and you can see that FTP is currently “off” for it. Clicking on it once will bring up the screen below and you can set the IP address and port that you want it to listen to.

004

My server has multiple Private IP addresses since I have multiple adapters and this allows me to better load balance the different types of traffic.

005

For this example, I want this share to be reachable on both 192.168.1.60-61 IP addresses on port 21. Since you can only choose one IP, I will select “192.168.1.60:21”. After hitting OK, you should notice that the FTP column for that file share no longer shows “off”.

006

Before we can test FTP we are going to need an account that we will be granting FTP access to. Go ahead and create an account by heading over to the “User” tab. The account that I will be using to test has a username of “samsung”.

007

At this point in time you should be able to connect to that file share via FTP using port 21 to make sure that it works. I tested with FileZilla from one of my windows station and had no issues.

008

The next step in the process is to make this file share accessible via FTP on the other IP addresses as well. In order to do this, we must head over to “Services–>FTP–>ftp.conf”

009

In here we need to modify the FTP configuration and add the following information.

# This is a basic ProFTPD configuration file (rename it to

# ‘proftpd.conf’ for actual use. It establishes a single server

# and a single anonymous login. It assumes that you have a user/group

# “nobody” and “ftp” for normal operation and anon.

ServerName →   →   → “ProFTPD”

ServerType →   →   → standalone

ServerAdmin →   →   →mailto:youremailgoeshere@email.com

DefaultServer →   →   → on

# Port 21 is the standard FTP port.

Port →   →   →   → 21

# Don’t use IPv6 support by default.

UseIPv6 →   →   →   → off

# Umask 022 is a good standard umask to prevent new dirs and files

# from being group and world writable.

Umask →   →   →   → 022

# To prevent DoS attacks, set the maximum number of child processes

# to 30. If you need to allow more than 30 concurrent connections

# at once, simply increase this value. Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd).

MaxInstances →   →   → 30

# Set the user and group under which the server will run.

User →   →   →   → nobody

Group →   →   →   → nogroup

# To cause every FTP user to be “jailed” (chrooted) into their home

# directory, uncomment this line.

#DefaultRoot ~

# Normally, we want files to be overwriteable.

AllowOverwrite →   → on

# Bar use of SITE CHMOD by default

<Limit SITE_CHMOD>

DenyAll

</Limit>

# Deny writing to the base server

<Limit WRITE>

DenyAll

</Limit>

#VirtualHosts: created from Menu ZFS folders, do not edit manually

################# vftp: /Data/Files ##################

<VirtualHost 192.168.1.60>

ServerName                     “FTP server”

Port                                    21

Umask                               022

<Limit LOGIN>

DenyAll

</Limit>

<Anonymous /Data/Files>

User                                      samsung

Group                                   staff

AnonRequirePassword     on

<Limit LOGIN>

AllowAll

</Limit>

<Limit READ WRITE DIRS>

AllowAll

</Limit>

</Anonymous>

VirtualHost>

################# vftp: /Data/Files ##################

<VirtualHost 192.168.1.61>

ServerName                     “FTP server”

Port                                    21

Umask                               022

<Limit LOGIN>

DenyAll

</Limit>

<Anonymous /Data/Files>

User                                       samsung

Group                                    staff

AnonRequirePassword     on

<Limit LOGIN>

AllowAll

</Limit>

<Limit READ WRITE DIRS>

AllowAll

</Limit>

</Anonymous>

</VirtualHost>

What is important here is for us to modify the VirtualHost portion. Essentially what I did was copy and paste what was generated when we enable FTP on the share and change the IP address to match the secondary address(192.168.1.61) that we also want it to respond on. This configuration should be pretty straightforward and should you have any questions about what some of the parameters are doing then you can visit the ProFTPD site (http://www.proftpd.org/docs/) for official documentation.

Thanks for taking the time to read this article. Should you have any questions feel free to leave a comment.

One Response to “ZFS FTPD Configuration”

  1. Thanks man.

Leave a Reply

Your email address will not be published. Required fields are marked *