From owner-FreeBSD-users-jp@jp.freebsd.org  Tue Oct 30 14:16:28 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id OAA72991;
	Tue, 30 Oct 2001 14:16:28 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from mocha.rite.or.jp (mocha.rite.or.jp [202.241.115.138])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id OAA72986
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 14:16:27 +0900 (JST)
	(envelope-from tetuya@rite.or.jp)
Received: from rite.rite.or.jp (rite [192.168.1.3])
	by mocha.rite.or.jp (8.9.3+Sun/3.7W-rite_mail_gate) with ESMTP id OAA10922
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 14:16:23 +0900 (JST)
Received: from zenon.rite.or.jp (zenon.rite.or.jp [192.168.4.251])
	by rite.rite.or.jp (8.9.3+Sun/3.7W) with ESMTP id OAA03443
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 14:16:22 +0900 (JST)
Received: from TETUYA (tetuya [192.168.2.246])
	by zenon.rite.or.jp (8.9.3+3.2W/3.7W-zenon_mail_gate) with ESMTP id OAA22112
	for <FreeBSD-users-jp@jp.freebsd.org>; Tue, 30 Oct 2001 14:16:26 +0900 (JST)
Date: Tue, 30 Oct 2001 14:20:42 +0900
From: Tetuya Saito <tetuya@rite.or.jp>
To: FreeBSD-users-jp@jp.freebsd.org
Message-Id: <20011030134829.EC5F.TETUYA@rite.or.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-2022-JP"
Content-Transfer-Encoding: 7bit
X-Mailer: Becky! ver. 2.00.05
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+010328
X-Sequence: FreeBSD-users-jp 65225
Subject: [FreeBSD-users-jp 65225] wu-ftpd2.6.1
 =?ISO-2022-JP?B?GyRCJHI7SCRDJD8bKEI=?= portforwarding
 =?ISO-2022-JP?B?GyRCJEskRCQkJEYbKEI=?=
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: tetuya@rite.or.jp

$B$_$J$5$s!"$3$s$K$A$O(B
$B@FF#!w#R#I#T#E$F$b$&$7$^$9!#(B

$B:#2s!"(BFreeBSD4.2STABLE$B$K(Bwu-ftpd2.6.1$B$r(Binstall$B$7@_Dj$7$F$$$^$9!#(B
$B@\B3J}K!$H$7$F$O!"(Bopenssh(OpenSSH_2.5.2p2)$B$r2p$7$?!"(Bportforwarding$B$G(B
win$B%/%i%$%"%s%H$h$j(Bftp$B@\B3$r9T$$$?$$$H;W$$D)@o$7$F$$$^$9!#(B

wu-ftpd$B$NFCD'$H$7$F!"@)8f%3%M%/%7%g%s0J30$+$i$N%G!<%?%3%M%/%7%g%s$N@\B3(B
$B$O!"=PMh$J$$$H8@$&$3$HKx$OFM$-;_$a!"2>$K>e5-$N$h$&$J@\B3$r9T$&>l9g$K$O(B
pasv-allow
port-allow
$B$r@_Dj$7$J$$$H$$$1$J$$$H$$$&$H$3$m$^$G$O!"$o$+$j@_Dj$r$7$?$N$G$9$,$I$&$7(B
$B$F$b$&$^$/$$$-$^$;$s!#(B
$B$-$C$H!";d$N@_Dj$,$*$+$7$$$N$@$H;W$&$N$G$9$,!"9T$-5M$^$C$F$7$^$$$*<j>e$2(B
$B$K$J$C$F;2$j$^$7$?!#(B
$B%M%C%H%o!<%/5Z$S@_Dj$O2<5-$N$h$&$J9=@.$G$9!#(B
$B<1<T$N3'MM!"$4=u8@$h$m$7$/8f4j$$$7$^$9!#(B

$B!N%M%C%H%o!<%/9=@.!O(B
------------               ------------
| win 2000 |               | FreeBSD  |
| client   |---------------| wu-ftpd  |
| NextFTP  |               | 2.6.1    |
------------               ------------
(ftp-serverk$B$N@_Dj(B)
#
# @(#)/etc/ftpaccess   tetuya@rite.or.jp
#
## 2$B2s%m%0%$%s$K<:GT$9$k$H(B FTP connection $B$r@Z$k(B
loginfails 2

## $B%f!<%6$N%/%i%9Dj5A!#0lHV@h$K%^%C%A$7$?%/%i%9$GDj5A$5$l$k(B
#class   local   real,guest,anonymous *.domain 0.0.0.0
#class   remote  real,guest,anonymous *
class   local   real ***.***.***.***/32 ***.***.***.***/24
class   partner real,guest ***.***.***.***/25 *
#class  partner real,guest ***.***.***.***/32
#class  local   real ***.***.***.***/24

guestuser cyber-s

## $B%/%i%9Kh$N@\B3%f!<%6?t@)8B!#K~0w$N$H$-$O(B msg.toomany $B$rI=<((B
limit   local   20  Any                 /etc/msgs/msg.toomany
#limit   remote  100 SaSu|Any1800-0600   /etc/msgs/msg.toomany
#limit   remote  60  Any                 /etc/msgs/msg.toomany

## login $B;~!$$"$k$$$O(B * $B%G%#%l%/%H%j$KF~$C$?;~$K$b$7(B README* $B$,$"$l$PI=<((B
readme  README*    login
readme  README*    cwd=*

## login $B;~!$$"$k$$$O(B * $B%G%#%l%/%H%j$KF~$C$?;~$KI=<($9$k%U%!%$%k$N;XDj(B
message /welcome.msg            login
message .message                cwd=*

## hoge $B%G%#%l%/%H%j$r(B get hoge.tar $B$G$-$k$h$&$K$9$k$+$I$&$+$J$I(B
#compress        yes             local remote
#tar             yes             local remote
tar             yes             local

# allow use of private file for SITE GROUP and SITE GPASS?
private         yes

#PASV$B$N@_Dj(B
pasv-allow      local$B!!(B 192.168.2.246
#pasv-allow     partner **.*.*
port-allow      local   192.168.2.246
#port-allow     partner *.*.*.*
passive ports   0.0.0.0/0       10021 10025

## $BF?L>%m%0%$%s;~$N%Q%9%o!<%I(B(E-mail$B%"%I%l%9(B)$B$N%A%'%C%/(B
## none    - $BA4$/%A%'%C%/$7$J$$(B
## trivial - `@'$B$,F~$C$F$$$J$$$H$@$a(B
## rfc822  - RFC822 $B7A<0$N%"%I%l%9$G$J$$$H$@$a(B
## enforce - $B4V0c$C$?$i(B logout $B$5$;$k(B
## warn    - $B4V0c$C$F$b7Y9p$N$_(B
# passwd-check  &lt;none|trivial|rfc822&gt;  [&lt;enforce|warn&gt;]
passwd-check    rfc822  warn

## $BH/9T$5$l$?%3%^%s%I$HE>Aw$N%m%0$r$H$k(B
## inbound $B$O(B upload $BB&!#(Boutbound $B$O(B download $BB&!#(B
#log commands anonymous,real
#log transfers anonymous,real inbound,outbound
log commands real
log transfers real inbound,outbound

## $B$3$N%U%!%$%k$r4F;k$7$F$*$$$F!$%^%7%s$,%7%c%C%H%@%&%s$5$l$=$&$K$J$C$?$i(B
## $B%m%0%$%s$7$F$k%f!<%6$K7Y9p$rH/$9$k(B
shutdown /etc/shutmsg

## $B%U%!%$%k$N(B delete, overwrite, ... $B$r5v$9$+$I$&$+(B
# all the following default to &quot;yes&quot; for everybody
delete          no      guest         # delete permission?
overwrite       no      guest         # overwrite permission?
rename          no      guest         # rename permission?
chmod           no      guest               # chmod permission?
umask           no      guest               # umask permission?

## upload $B$G$-$k%G%#%l%/%H%j$N;XDj(B ftp.media $B$G$ODY$7$F$*$/(B
# specify the upload directory information
upload  /export/home/user *       no
upload  /export/home/user local   /*      yes
#upload /export/home    /tetuya         yes     tetuya  sysadmin        0600 dirs
#upload  /export/home   /cybersolon     yes     root    root            0600 dirs
#upload  /export/home/tetuya    papartner       no
#upload  /export/home/cybersolon        papartner       no
#upload  /home/ftp  /incoming     yes     root    daemon  0600 dirs
#upload  /home/ftp  /bin          no
#upload  /home/ftp  /etc          no

## $B!V(Bcd inc:$B!W$HBG$D$@$1$G(B /incoming $B$K0\$l$k(B
# directory aliases...  [note, the &quot;:&quot; is not required]
#alias   inc:    /incoming

## cd FreeBSD $B$H$9$k$H(B /pub/FreeBSD $B$r8!:w$7!$$=$N8e(B /FreeBSD $B$r8!:w$7$F$/$l$k(B
# cdpath
#cdpath  /incoming
#cdpath  /pub
#cdpath  /

## upload $B;~$KM-8z$J%U%!%$%kL>$rDj5A(B
# path-filter...
path-filter  anonymous  /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-
path-filter  guest      /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-

# specify which group of users will be treated as &quot;guests&quot;.
#guestgroup partner

## welcome.msg $B$G(B %E $B$H$7$?$H$-$KI=<($5$l$k%"%I%l%9(B
email ftp-admin@rite.or.jp</PRE>

PortForwarder(http://portforwarder.nttsoft.net/JP/)$B$N%P!<%8%g%s$O(B1-1-1$B$r(B
$B;HMQ$7@_Dj%U%!%$%k$O2<5-$NDL$j$G$9(B
[PortForwarder$B$N@_Dj%U%!%$%k(B]
Host ftp
HostName ftp-server
User tetuya
# FTP (passive mode)
LocalForward 9921 ***.***.***.***:21


$B>e5-$N$h$&$J>uBV$G!"(BPortForwarder$B$G(Bftp-server$B$N4V$K(Bssh$B$N%;%C%7%g%s$r9=C[(B
$B$7<!$K!"(Bwin2000$B$N%3%^%s%I%W%m%s%W%H$h$j!"(Btelnet localhost 9921$B$H$7(B
ftp-server(wu-ftpd2.6.1)$B$K@\B3(Bpasv$B%3%^%s%I$rH/9T$7!"%G!<%?%3%M%/%7%g%s$N(B
port$B$r3NG'$7!"JLAk$N(Bdos$B%W%m%s%W%H$h$j!"(Btelnet$B!!(Bftp-server$B!!(Bpasv-port$B$G%G!<(B
$B%?%3%M%/%7%g%s$r3NN)$5$;@)8f%3%M%/%7%g%s$h$j(Blist$B%3%^%s%I$rH/9T$7$?$H$3$m(B
$B2<5-$N$h$&$J!"JVEz$,$+$($C$F;2$j$^$7$?!#(B
425 Possible PASV port theft,cannot data connection
$B$3$l$O!"%G!<%?%3%M%/%7%g%s$,!"@)8f%3%M%/%7%g%s$,0c$&(BIP$B$N%^%7%s$h$j(B
$BD%$i$l$?$N$G!"%G!<%?$,E>Aw$G$-$J$$$H9T$C$F$$$k$H;W$&$N$G$9$,(B
$B0c$$$^$9$G$7$g$&$+!)(B
$B$7$+$7!"(B/etc/ftpaccess$B$K$O!"(B
pasv-allow      all    192.168.2.246
port-allow	all    192.168.2.246
$B$N@_Dj$r$$$l$F$"$k$N$G!"$@$H;W$&$N$G$9$,!"$I$&$7$F$b$&$^$/$$$-$^$;$s(B
/var/log/messages$B$K$O(B
Oct 30 13:41:39 ftp ftpd[2532]: tetuya of ftp [***.***.***.***]: data
connect from 192.168.2.246 for /bin/ls
$B$N$h$&$J%m%0$b5-O?$5$l$F$$$^$9!#(B

$B$I$N$h$&$K(Bwu-ftpd$B$r@_Dj$9$l$P!"(Bportforwerder$B$r2p$7$?(Bftp$B@\B3$,2DG=$K$J$k(B
$B$N$G$7$g$&$+!)(B
$B<1<T$N3'MM$h$m$7$/$4=u8@8f4j$$$7$^$9!#(B

-- 
***************************************************************
* $B:bCDK!?M(B $BCO5e4D6-;:6H5;=Q8&5f5!9=(B
* $B8&5f4k2hIt(B $B8&5f;Y1g2](B
* $B@FF#!!E/Li!!(B
* e-mail$B!'(Btetuya@rite.or.jp
* $B=;(B  $B=j!'(B $B")(B619-0292 $B5~ETI\Aj3Z74LZDED.LZDE@nBf#9!]#2(B
* $BEE(B  $BOC!'(B $B#0#7#7#4!]#7#5!]#2#3#0#3(B
* $B#F#A#X!'(B $B#0#7#7#4!]#7#5!]#2#3#1#6(B
* PGP Finger Print A803 6D0F B3CC D357 9858  187C 4BBE 6D36 A2F5 FE75
**************************************************************** 

