virtual.ftp.support

wu-ftpd类unix下的ftp服务器,可用于嵌入式系统

 
  Copyright (c) 1999,2000 WU-FTPD Development Group.  
  All rights reserved.
  
  Portions Copyright (c) 1980, 1985, 1988, 1989, 1990, 1991, 1993, 1994
    The Regents of the University of California.
  Portions Copyright (c) 1993, 1994 Washington University in Saint Louis.
  Portions Copyright (c) 1996, 1998 Berkeley Software Design, Inc.
  Portions Copyright (c) 1989 Massachusetts Institute of Technology.
  Portions Copyright (c) 1998 Sendmail, Inc.
  Portions Copyright (c) 1983, 1995, 1996, 1997 Eric P.  Allman.
  Portions Copyright (c) 1997 by Stan Barber.
  Portions Copyright (c) 1997 by Kent Landfield.
  Portions Copyright (c) 1991, 1992, 1993, 1994, 1995, 1996, 1997
    Free Software Foundation, Inc.  
 
  Use and distribution of this software and its source code are governed 
  by the terms and conditions of the WU-FTPD Software License ("LICENSE").
 
  If you did not receive a copy of the license, it may be obtained online
  at http://www.wu-ftpd.org/license.html.
 
  $Id: VIRTUAL.FTP.SUPPORT,v 1.3 2000/07/01 18:49:32 wuftpd Exp $
 
                                   [----]

            Method for Supporting Virtual FTP Servers in WU-FTPD

                                   [----]

                              Table of Contents

       1. Introduction
       2. What is virtual FTP server support ?
       3. Setup Overview
       4. Configuring IP Address Aliases
          4.1. Configuring IP Aliases on Sun Solaris 2.5
          4.2. Configuring IP Aliases on SGI
          4.3. Configuring IP Aliases on FreeBSD
          4.4. Configuring IP Aliases on AIX
          4.5. After system configuration
          4.6. Testing interfaces
       5. Building the software
       6. Setting up the directory structure for virtual server support
       7. Configuring to support Virtual FTP Server Support
          7.1. Background
          7.1.1. Limited Virtual Hosting Support:
          7.1.2. Complete Virtual Hosting Support:
          7.2. Create an ftpservers file:
          7.3. Virtual ftpaccess files:
          7.4. Master ftpaccess file Modifications:
          7.5. Adding other virtual domain files
       8. Setting up other support files
       9. Supporting virtual logging
      10. Shutting down your virtual FTP servers
      11. Restarting your shutdown virtual FTP servers
      12. Testing Your New Shiny Virtual Server Setup

                                   [----]

1. Introduction
---------------

     So you want to setup more than one FTP server on the same
     machine....

     To make it work you will need to use the virtual server support in
     wu-ftpd. What follows are instructions for building the software
     and configuring it to use virtual servers. 

                                   [----]

2. What is virtual FTP server support ?
---------------------------------------

     If you wish to manage an ftp server for two separate domains on
     the same machine then you need to be able to support virtual FTP
     servers. Basically, this allows an administrator to configure
     their system so a user ftping to ftp.domain1.com gets one ftp
     banner and one ftp directory and a user ftping to ftp.domain2.com
     gets another banner and directory even though they are on the same
     machine and use the same ports.

     Virtual ftp servers make supporting multiple domains a lot less
     costly and are easier to maintain than multiple ftp servers on
     multiple machines.

                                   [----]

3. Setup Overview
-----------------

     In order to set up a virtual ftp server environment you need to
     understand what it is you're about to do. What follows is a brief
     overview of the process ahead.

        * You will be configuring your machine to respond to multiple
          IP addresses. This is done via IP Address Aliases described
          below. First, you need to acquire the IP addresses you'll
          need. Once you have an IP address for each virtual server you
          wish to setup, you are ready to proceed.

        * Once you can see both addresses from the network, you will
          need to build and install the wu-ftpd software to support
          virtual servers.

        * Next you need to setup up the ftp directory structure for
          each virtual server you wish to support. You will need to
          customize the banner and message files in each of the virtual
          server areas.

        * With the directories in place you are ready to configure the
          configuration files and specify the virtual server specific
          information.

        * In order to be able to separate out who is logging in to what
          virtual server, you'll need to configure the system logging.
          This allows you to maintain separate logfiles depicting the
          activity of each virtual server.

        * And finally, you need to test your configuration. Once that
          is accomplished you can feel pleased with yourself and begin
          populating the individual ftp directories with data as
          appropriate.

     Additionally, you need to know how to shutdown and restart access
     to your real, anonymous and virtual servers in the event you need
     to.

                                   [----]

4. Configuring IP Address Aliases
---------------------------------

     You have to be able to setup IP address aliases in order for the
     virtual server support in wu-ftpd to work. Linux and BSDI,
     FreeBSD, SGI, Solaris 2.5*, AIX and others support this. What
     follows are "general" instructions on how to configure IP address
     aliases for the specified systems. Please check your system's
     'ifconfig' documentation for specific instructions.

     In order to make the changes to the required system files you will
     first need to login as root.

     4.1. Configuring IP Aliases on Sun Solaris 2.5:
     -----------------------------------------------

       1. Assure/place the system's normal hostname/IP address in the
          file /etc/hostname.le0.

       2. Insert the following in the system initialization file
          /etc/init.d/rootuser just after the if/fi test for
          interface_names.

          #
          # configure virtual host interfaces quietly.
          #
          /sbin/ifconfig le0:1 inet XXX.XXX.XXX.XXX netmask + broadcast
          + -trailers up 2>&1 > /dev/null

          Replace XXX.XXX.XXX.XXX with the IP address that you wish to
          alias.

     4.2. Configuring IP Aliases on SGI:
     -----------------------------------

       1. Edit /etc/hosts to include IP address and the name of the
          virtual server

       2. Edit /etc/config/ipaliases.options using comments in that
          file as a template:

          ec0 XXX.XXX.XXX.xxx netmask 0xffffff00 broadcast
          XXX.XXX.XXX.255

               or

          ec0 foobar netmask 0xffffff00 broadcast XXX.XXX.XXX.255

       3. /etc/chkconfig -f ipaliases on

     Replace XXX.XXX.XXX.xxx with the IP address that you wish to
     alias.
     Replace XXX.XXX.XXX.255 with the network's broadcast address.

     4.3. Configuring IP Aliases on FreeBSD:
     ---------------------------------------

       1. If you are using a recent version of FreeBSD (3.x or 4.x):

          Edit /etc/rc.conf and put something like the following in.

          ifconfig_ed1_alias0="inet XXX.XXX.XXX.XXX netmask 0xffffffff"

          (You might have to change the device name from ed1)


       2. If you are using an old version of FreeBSD (1.x or 2.x):

	  Edit /etc/netstart and put something like the following in.

          ifconfig de0 alias XXX.XXX.XXX.XXX netmask 0xffffffff

          (or use ed0 or some other netmask if appropriate)


     4.4. Configuring IP Aliases on AIX:
     -----------------------------------

     In the way AIX is shipped, there is no direct support for IP
     aliases in the ODM. This does not mean that AIX does not support
     IP aliases, it means that IP alias info is stored in an ASCII file
     rather than in the ODM.

       1. Edit the proper /etc/rc* file.

          If you are currently using an ODM TCP/IP configuration, edit
          the file /etc/rc.net.

          If you are using the traditional "BSD-style bootup method",
          edit the file /etc/rc.bsdnet instead.

       2. Add a line such as the following example.

          /usr/sbin/ifconfig tr0 inet xx.xx.xx.xx netmask yy.yy.yy.yy
          alias 1>/dev/null 2>&1

          Be sure to set the interface to the correct type if you are
          not using token ring (tr0) as the example shows.

     Refer to the ifconfig man pages. For more info on TCP/IP
     configuration and tuning, review the "no" command.

     4.5. After system configuration:
     --------------------------------

          In order to test your new configuration it is wise to
          reboot your system. This assures that your system is
          properly configured in the event of an non-planned
          system halt/reboot. A problem here is that the system is
          probably a production server for someone else... It is
          recommended that you add virtual www/ftp servers to your
          system at a scheduled maintenance time. Also, if you are
          adding more than one virtual server, add them all and
          simply reboot a single time. If you cannot reboot then
          execute the appropriate ifconfig (or chkconfig) command
          and test the reboot when you can.

          Also, if not immediately rebooting, it's not a bad idea
          to

               arp -s XXX.XXX.XXX.XXX x:x:xx:xx:xx:xx pub

          where XXX.XXX.XXX.XXX is the IP Address and where
          x:x:xx:xx:xx:xx is the Ethernet/whatever hardware
          physical address.

     4.6. Testing interfaces:
     ------------------------

          You need to assure you can see the interfaces using
          netstat and then try to ping the interface to assure it
          is responding. If so, your system is now ready. Now it's
          time to setup the FTPD server software and virtual
          server directories.

                                   [----]

5. Building the software
------------------------

     1. In order to compile in virtual hosting support it is necessary 
        to assure "VIRTUAL" is defined.  This is normally set in the
        src/config.h file that is created when you run 'build'. You
        should find the line

        #define VIRTUAL

        If it is not there, you will need to add it to your copy of config.h.
   
     2. Check pathnames.h. 
   
         Make sure you know where you want to put things on the system.
         If you change the install paths, check and change the top level 
         makefile as well.
   
     3. "build system-type".
   
     4. "make install".
   
         At this point do a "make install" in the wu-ftpd top-level source 
         directory and things will be installed.  
   

                                   [----]

6. Setting up the directory structure for virtual server support
----------------------------------------------------------------

     You will need to make sure the proper files/directories are in-place. 
     Here is my structure. (Note: I put everything in a single directory 
     structure for testing convenience. Actually I do that when I'm not 
     testing as well...)

    From my pathnames.h
    
    /*
    ** Master Copies - Possibly overridden by VIRTUAL Hosting Configuation
    */
    
    #define _PATH_FTPACCESS  "/etc/ftpd/ftpaccess"
    #define _PATH_CVT        "/etc/ftpd/ftpconversions"
    #define _PATH_FTPUSERS   "/etc/ftpd/ftpusers"
    #define _PATH_PRIVATE    "/etc/ftpd/ftpgroups"
    #define _PATH_FTPSERVERS "/etc/ftpd/ftpservers"
    #define _PATH_FTPHOSTS   "/etc/ftpd/ftphosts"
    
    /* site-wide */
    #define _PATH_PIDNAMES   "/etc/ftpd/ftp.pids-%s"
    
    LS Listing:
    
    rkive-19:43-kent ls -lR /etc/ftpd
    /etc/ftpd:
    total 36
    drwxrwsr-x   2 root     sys          512 Jun 26 19:22 bin
    drwxrwsr-x   4 root     sys          512 Jun 26 15:48 config
    -rw-r--r--   1 root     sys         4096 Jun 26 19:23 ftp.pids-local
    -rw-r--r--   1 root     sys         4096 Jun 26 19:33 ftp.pids-remote
    -rw-------   1 root     sys         2046 Jun 26 14:55 ftpaccess
    -rw-------   1 root     sys          873 Jun 26 14:55 ftpconversions
    -rw-------   1 root     sys           37 Jun 26 14:55 ftpgroups
    -rw-------   1 root     sys          277 Jun 26 14:55 ftphosts
    -rw-------   1 root     sys          429 Jun 26 16:03 ftpservers
    -rw-------   1 root     sys          151 Jun 26 14:55 ftpusers
    drwxrwsr-x   6 root     sys          512 Jun 26 14:56 man
    
    /etc/ftpd/bin:
    total 1848
    -rwxr-xr-x   1 bin      bin        28312 Jun 26 19:22 ftpcount
    -rwxr-xr-x   1 bin      bin        37512 Jun 26 19:22 ftprestart
    -rwxr-xr-x   1 bin      bin        47264 Jun 26 19:22 ftpshut
    -rwxr-xr-x   1 bin      bin        28312 Jun 26 19:22 ftpwho
    -rwxr-xr-x   1 bin      bin       385568 Jun 26 19:22 in.ftpd
    
    /etc/ftpd/config:
    total 12
    drwxrwsr-x   2 root     sys          512 Jun 26 16:04 some.domain
    drwxrwsr-x   2 root     sys          512 Jun 26 16:06 some.other.domain
    drwxrwsr-x   2 root     sys          512 Jun 26 15:01 landfield.com
    
    /etc/ftpd/config/some.domain:
    total 6
    -rw-------   1 root     sys         1891 Jun 26 16:03 ftpaccess
    -rw-------   1 root     sys          146 Jun 26 16:05 ftpusers
    
    /etc/ftpd/config/some.other.domain:
    total 6
    -rw-------   1 root     sys         1891 Jun 26 16:03 ftpaccess
    -rw-------   1 root     sys          146 Jun 26 16:05 ftpusers
    
    /etc/ftpd/config/landfield.com: