mod_xfer
The mod_xfer
module handles most of the FTP commands related to
file transfers.
AllowOverwrite off
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The AllowOverwrite
directive permits newly transferred files to
overwrite existing files. By default, FTP clients cannot overwrite
existing files.
AllowRetrieveRestart on
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The AllowRetrieveRestart
directive permits (or denies) clients
from performing "restart" download (retrieve) file transfers via the FTP
REST
command. By default, restarted downloads are allowed, so
that clients may resume interrupted file transfers at a later time without
losing previously collected data.
See also: AllowStoreRestart
AllowStoreRestart off
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The AllowStoreRestart
directive permits (or denies) clients from
"restarting" interrupted upload (store) transfers. By default restarting (via
the FTP REST
command) is not permitted when uploading
files to the server. Care should be taken to disallow anonymous FTP
"incoming" transfers to be restarted, as this will allow clients to corrupt or
increase the size of previously stored files (even if not their own).
The FTP REST
command is automatically blocked when
HiddenStores
is enabled, with the server returning a 501 error
code to the client.
See also: AllowRetrieveRestart
,
DeleteAbortedStore
,
HiddenStores
DefaultTransferMode ascii
<VirtualHost>
, <Global>
The DefaultTransferMode
directive sets the default
transfer mode used for data transfers. Per RFC 959 requirements, the default
transfer mode is "ascii", which means that carriage return (CR
)
and line feed (LF
) translation will be performed: CRLF
sequences in uploaded data will be translated to LF
,
and LF
translated to CRLF
in downloaded data.
DeleteAbortedStores off
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The DeleteAbortedStores
directive controls whether ProFTPD
deletes partially uploaded files if the transfer is stopped via the
FTP ABOR
command (as opposed to a connection failure).
By default, DeleteAbortedStores
is off.
However, when HiddenStores
is enabled, then
DeleteAbortedStores
is automatically enabled as well.
See also: HiddenStores
HiddenStores off
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
The HiddenStores
directive enables two-step file uploads: files
are uploaded as ".in.filename." and once the upload is complete,
renamed to just filename. This provides a degree of atomicity and
helps prevent 1) incomplete uploads and 2) files being used
while they are still being uploaded. When HiddenStores
is
enabled, then DeleteAbortedStores
is automatically enabled as well.
Note that if the temporary file name is already in use (e.g., a server crash during upload), it will prevent the file from being uploaded.
The FTP REST
command is automatically blocked when
HiddenStores
is enabled, with the server returning a 501 error
code to the client.
In proftpd-1.3.3rc2
and later, the ".in." prefix can be
customised via the HiddenStores
directive, e.g.:
# Use a different prefix for HiddenStores HiddenStores filepart-
In proftpd-1.3.5rc2
and later, the "." suffix can be
customised using the HiddenStores
directive as well, e.g.:
# Use a different prefix and suffix for HiddenStores HiddenStores incoming- .lockYou can also use this capability to configure no prefix, and just a suffix:
# Use an empty string as the prefix, and a suffix of ".filepart". HiddenStores "" ".filepart"Note that in order to specify the suffix, you must specify a prefix as well.
In proftpd-1.3.6rc1
and later, the prefix and
suffix values can use the %P
variable, which will
be substituted with the session PID. This can help to reduce issues
encountered when an FTP upload fails in such a way that proftpd cannot properly
clean up the HiddenStores
temporary file. For example:
# Use the session PID as part of the name HiddenStores .in. .%P
Discussion
When would you want or need to specify different prefix and suffix values
for HiddenStores
? You might need this when, for example, your
proftpd
writes files to an NFS-mounted filesystem. Another
machine mounts that same filesystem remotely using a CIFS client (e.g.
a NetApp machine). The trailing "." suffix causes the CIFS client to list
the temporary filenames different (e.g. in a Windows 8.3 file format
style): "in.test." becomes "INTES~1". This view confuses users/admins.
By changing the default HiddenStores
suffix, then, that modified
CIFS client filename view can be avoided.
See also: AllowStoreRestart
,
DeleteAbortedStores
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The MaxRetrieveFileSize
directive sets a maximum limit on the
size of a single file downloaded from proftpd
. If the
requested file size is larger than than the configured maximum limit,
the data transfer will be rejected.
A single "*" argument configures unlimited file sizes, and is used primarily to override any inherited restrictions from higher-level configuration sections. The given number is the number of bytes for the limit, and is followed by a units specifier of (case-insensitive) "Gb" (Gigabytes), "Mb" (Megabytes), "Kb" (Kilobytes), or "B" (bytes). The given number of bytes is multiplied by the appropriate factor.
The optional parameters are used to restrict the file size limits only to specific users. If the "user" restriction is given, then expression is a user-expression specifying to which users the rule applies. Similarly for the "group" restriction. For the "class" restriction, the expression is simply the name of connection class for whom the rule will apply. If no matching user, group, or class expression (in that order) is found for the current user, then a limit with no expression (i.e. no "user", "group", or "class" identifier) is applied.
Examples:
# Restrict downloads to only 1 gigabyte MaxRetrieveFileSize 1 Gb # Restrict downloads for user fred, but allow unlimited download size for # everyone else MaxRetrieveFileSize 50 Kb user fred MaxRetrieveFileSize *
See also: MaxStoreFileSize
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The MaxStoreFileSize
directive sets a maximum limit on the
size of a single file uploaded to proftpd
. When the
configured maximum limit is reached, the data transfer will be aborted.
A single "*" argument configures unlimited file sizes, and is used primarily to override any inherited restrictions from higher-level configuration sections. The given number is the number of bytes for the limit, and is followed by a units specifier of (case-insensitive) "Gb" (Gigabytes), "Mb" (Megabytes), "Kb" (Kilobytes), or "B" (bytes). The given number of bytes is multiplied by the appropriate factor.
The optional parameters are used to restrict the file size limits only to specific users. If the "user" restriction is given, then expression is a user-expression specifying to which users the rule applies. Similarly for the "group" restriction. For the "class" restriction, the expression is simply the name of connection class for whom the rule will apply. If no matching user, group, or class expression (in that order) is found for the current user, then a limit with no expression (i.e. no "user", "group", or "class" identifier) is applied.
Examples:
# Restrict upload to only 3 megabytes MaxStoreFileSize 3 Mb # Restrict anonymous uploads to 50k, but allow unlimited upload size for # everyone else MaxStoreFileSize 50 Kb user anonymous MaxStoreFileSize *
NOTE: In FTP uploads, the size of the file being uploaded is not
sent to the FTP server first; this means that the FTP server does not know in
advance how much data the FTP client is going to send. The FTP server can only
count the number of bytes being uploaded, and stop the transfer when a
configured limit is reached. This means that MaxStoreFileSize
cannot be used to prevent an FTP client from even sending the bytes
over the network.
See also: MaxRetrieveFileSize
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The MaxTransfersPerHost
directive limits the number of data
transfers happening at the same time from the same host. The
cmd-list parameter is a comma-separated list of the data transfer FTP
commands (APPE, RETR, STOR, and/or STOU) to which the limit applies. The
optional message parameter may be used, which will be displayed to a
client attempting to exceed the maximum value. If message is
not supplied, the following message is used by default:
"Sorry, the maximum number of data transfers (%m) from your host are currently being used."
For example:
MaxTransfersPerHost RETR 2will result in the following FTP response to a client exceeding the download limit:
"451 Sorry, the maximum number of data transfers (2) from your host are currently being used."And for uploads, you might using something like:
MaxTransferPerHost APPE,STOR,STOU 1
See also: MaxTransfersPerUser
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The MaxTransfersPerUser
directive limits the number of data
transfers happening at the same time for the same user name. The
cmd-list parameter is a comma-separated list of the data transfer FTP
commands (APPE, RETR, STOR, and/or STOU) to which the limit applies. The
optional message parameter may be used, which will be displayed to a
client attempting to exceed the maximum value. If message is
not supplied, the following message is used by default:
"Sorry, the maximum number of data transfers (%m) from this user are currently being used."
For example:
MaxTransfersPerUser RETR 2will result in the following FTP response to a client exceeding the download limit:
"451 Sorry, the maximum number of data transfers (2) from this user are currently being used."And for uploads, you might using something like:
MaxTransferPerUser APPE,STOR,STOU 1
See also: MaxTransfersPerHost
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The StoreUniquePrefix
directive is used to configure a
prefix for the generated unique random filenames used for the STOU
FTP command. The last six characters of the filename will be random.
Note: Slash (/) characters are not allowed in the prefix
value.
<VirtualHost>
, <Global>
The TimeoutNoTransfer
directive configures the maximum number of
seconds a client is allowed to spend connected, after authentication,
without issuing a data transfer command which results in a data connection
(i.e. sending/receiving a file, or requesting a directory listing).
The maximum allowed seconds value is 65535 (18 hours).
See also: TimeoutIdle
,
TimeoutLogin
,
TimeoutStalled
.
<VirtualHost>
, <Global>
The TimeoutStalled
directive sets the maximum number of
seconds a data connection between proftpd
and a client
can exist but have no actual data transferred (i.e. "stalled"). If the
seconds parameter is set to zero, data transfers are allowed to stall
indefinitely; note that this is not a recommended configuration.
The maximum allowed seconds value is 65535 (18 hours).
<VirtualHost>
, <Global>
The TransferOptions
directive to configure various optional data
transfer behaviors.
The currently implemented options are:
AllowSymlinkUpload
This option allows clients to upload files which are actually symlinks on the server, rather than returning a "Not a regular file" error.
Note that this option first appeared in
proftpd-1.3.8rc3
.
IgnoreASCII
This option causes ProFTPD to silently ignore any client requests to
perform ASCII translations via the TYPE
command. That is,
FTP clients can request ASCII translations, and proftpd will respond
as the client expects, but will not actually perform the translation
for either uploads or downloads. This behavior can be useful in
circumstances involving older/mainframe clients and EBCDIC files.
Note that this option first appeared in
proftpd-1.3.6rc1
.
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The TransferRate
directive is used to set transfer rate limits
on the transfer of data. This directive allows for transfer rates to be set
in a wide variety of contexts, on a per-command basis, and for certain subsets
of users (via
mod_ifsession
).
Note that these limits only apply to an individual session, and
do not apply to the overall transfer rate of the entire daemon.
The cmd-list parameter may be an comma-separated list of any of the
following commands: APPE
, RETR
, STOR
,
and STOU
.
The kbytes-per-sec parameter is the actual transfer rate to be applied.
The free-bytes parameter, if configured, allows that number of bytes to be transferred before the rate limit is applied. This allows for clients transferring small files to be unthrottled, but for larger files, such as MP3s and ISO images, to be throttled.
Here are some examples:
# Limit downloads for everyone TransferRate RETR 1.5 # Limit uploads (and appends!) to the prolific users in the # lotsofuploadfiles.net domain. This presumes that a Class has been defined # for that domain, and that that Class has been named "uploaders". Let them # upload small files without throttling, though. <IfClass uploaders> TransferRate APPE,STOR 8.0:1024 </IfClass>
<VirtualHost>
, <Global>
, <Anonymous>
, <Directory>
, .ftpaccess
The UseSendfile
directive controls use of sendfile(2)
functionality, which is an optimization for sending files to clients. Use of
sendfile(2)
functionality avoids separate read and send kernel
operations, and buffer allocations. Read this
howto for more details.
mod_xfer
module is always installed.
Logging
The mod_xfer
module supports trace logging, via the module-specific log channels:
proftpd.conf
:
TraceLog /path/to/ftpd/trace.log Trace xfer:20This trace logging can generate large files; it is intended for debugging use only, and should be removed from any production configuration.