NetWare FTP Server

NetWare FTP server is based on the standard ARPANET file transfer protocol that runs over TCP/IP and conforms to RFC 959. You can perform file transfers from any FTP client by using the FTP server to log in to the Novell eDirectory tree.

FTP server is a fully functional FTP with many features, such as those in following list. This section provides basic installation and configuration information so you can use FTP file access with NetDrive.

  • iManager-based management: Use iManager to start and stop FTP server, and configure server, security, user , and log settings. For more information on iManager, see Chapter 3.

  • Run multiple copies of FTP server: Multiple instances of NetWare FTP server software can be loaded on the same NetWare server, providing different FTP services to different sets of users.

  • FTP access restrictions: FTP access can be restricted at various levels through comprehensive access rights controls.

  • Intruder detection: Intruder hosts or users who try to log in using an invalid password can be detected and restricted.

  • Remote server access: FTP users can navigate and access files from other NetWare servers in the same eDirectory tree, and even from remote IBM servers. Remote servers don't have to be running an FTP server.

  • Anonymous user access: Anonymous user accounts can be set up to provide users with basic access to public files.

  • Special quote site commands: These are special, NetWare-specific commands used to change or view some NetWare-specific parameters.

  • Firewall support: If the FTP client is behind a firewall, FTP server supports passive mode data transfer and the configuration of a range of passive data ports.

  • Active sessions display: View details of all active FTP instances in real-time. This includes such information as a list of all instances, details of each instance, all sessions in an instance, and details of individual sessions within an instance.

  • Name space support: FTP server supports both DOS and long name spaces. The FTP user can dynamically change the default name space by using one of the quote site commands.

  • SNMP error reporting: Simple Network Management Protocol (SNMP) traps are issued when an FTP login request comes from an intruder host or from a node address restricted through Novell eDirectory. SNMP traps can be captured and viewed by any SNMP-compliant management console.

  • FTP logs: The FTP service maintains a log of several activities, including FTP sessions, unsuccessful login attempts, active sessions details, and system error and FTP server- related messages.

  • Cluster services support: NetWare FTP server can be configured with Novell Cluster Services (NCS) for high availability.

For detailed information on all FTP server features, see the NetWare 6.5 online documentation.

Installing FTP Server

The FTP server can be installed as an optional component during the NetWare 6.5 installation or it can be installed later through iManager or the graphical server console. To install the FTP server using iManager, complete the following steps:

  1. Insert the NetWare 6.5 Operating System CD-ROM into your workstation.

  2. Launch iManager and open the Install and Upgrade link in the left navigation frame.

  3. Select Install NetWare 6.5 Products, and then click Remote Product Install in the right frame.

  4. At the Target Server screen, select the server to which you want to install FTP server and click Next . Authenticate as an Admin user for your eDirectory tree and click OK.

  5. At the Components screen, click Clear All and select only NetWare FTP Server. Click Next.

  6. At the Summary screen click Copy Files. You will be prompted to insert the NetWare 6.5 product's CD-ROM.

After the FTP server files are copied , click Close to complete the installation.

Configuring FTP Server

Before you start the NetWare FTP server software, you should configure it by setting the configuration parameters in the configuration file. The default configuration file is SYS:/ETC/FTPSERV.CFG . The parameters in this configuration file are commented with their default values.

When the NetWare FTP server is started, the IP address of the host ( HOST_IP_ADDR ) and the port number of the NetWare FTP server ( FTP_PORT ), as defined in the configuration file, are used to bind to and listen for FTP client connection requests . If these parameters are not defined in the configuration file, the FTP server binds to all configured network interfaces in the server and uses the standard FTP ports.

Multiple instances of the NetWare FTP server can run on a single machine with different IP addresses or port numbers . The various parameters in the configuration file along with the default values are described in the tables presented later in this chapter.

You can use iManager as an access point for administering the NetWare FTP server. To do so, launch iManager and select File Protocols > FTP in the left navigation frame. The FTP server utility is shown in Figure 10.15.

Figure 10.15. FTP Server Administration page in iManager.

graphics/10fig15.gif

The FTP server configuration file can be edited manually with any text editor. However, it is much easier to configure and manage FTP server from iManager. iManager also gives you the freedom to manage the FTP server from any network connection and Web browser.

From the FTP Server Administration page, you can start and stop the FTP server as necessary. This loads or unloads NWFTPD.NLM on the NetWare 6.5 server running FTP services. You can also use the Monitor button to view a list of active FTP sessions, with statistics on each.

The server reads the default configuration file SYS:/ETC/FTPSERV.CFG and configures itself accordingly . If there is any change in the FTP configuration file, you should stop and restart the FTP server.

There are four pages of configuration options available to configure and manage FTP server from iManager. Each provides access to specific types of configuration parameters and information, as described in the following sections.

General Settings

Click the General tab to access general FTP server settings. When finished, click Save to record your settings or click Reset to revert to the previous settings. Table 10.1 lists the available server settings, with a brief description and the equivalent setting in the configuration file.

Table 10.1. Server Settings Parameters in iManager

PARAMETER

CONFIG FILE

DEFAULT VALUE

DESCRIPTION

Server IP address

HOST_IP_ADDR

N/A

Sets the IP address that will be used for the FTP server. If left blank, FTP server will bind to every IP address on the NetWare server.

FTP Port

FTP_PORT

21

Specifies the port that FTP server will use to listen for FTP requests.

FTP sessions (maximum)

MAX_FTP_SESSIONS

30

Maximum number of FTP sessions that can be active at any point of time. Minimum value is 1.

Idle session timeout (seconds)

IDLE_SESSION_TIMEOUT

600

Duration in seconds that any session can remain idle. Check the Disable Idle Timeout box if you don't want FTP sessions to time out. This sets the FTPSERV value to 1.

Secure connections only

SECURE_CONNECTIONS_ONLY

Disabled

Forces all FTP sessions to use a secure (SSL) connection. Nonsecure sessions are rejected.

Default Namespace

DEFAULT_NS

Long

The default namespace. The valid values are DOS and LONG .

Data buffer size (KB)

D ATA_BUFF_SIZE

64

Sets the size of the FTP transfer buffer. Valid sizes range from 4KB to 1020KB.

Keep- alive time (minutes)

KEEPALIVE_TIME

10

Sets the interval at which the FTP server will check active connections to see whether they have been broken from the other side. Values can be 5 minutes to 120 minutes.

Welcome banner file

WELCOME_BANNER

SYS:/ETC/WELCOME.TXT

When the FTP client establishes a connection, the content of this file is displayed.

Directory message file

MESSAGE_FILE

MESSAGE.TXT

When the user changes the directory, the contents of this file are displayed. For this, the file with that name should exist in the directory.

Minimum port

PASSIVE_PORT_MIN

1

Minimum port number used for establishing passive data connection. The port value range is 1 to 65534. The minimum value should always be less than or equal to the maximum value.

Maximum port

PASSIVE_PORT_MAX

65534

Maximum port number used for establishing passive data connection. The port value range = 1 to 65534. The maximum value should always be greater than or equal to the minimum value.

File permissions

PSEUDO_FILE_PERMISSIONS

644

If enabled, this will display file rights in the standard Unix format rather than in the NetWare trustee rights format.

Directory permissions

PSEUDO_DIR_PERMISSIONS

755

If enabled, this will display directory rights in the standard Unix format rather than in the NetWare trustee rights format.

User Settings

Click the User tab to access parameters that control file access and user authentication for FTP server. When finished, click Save to record your settings or click Reset to revert to the previous settings. Table 10.2 lists the available user settings, with a brief description and the equivalent setting in the configuration file.

Table 10.2. User Settings in Web Manager

PARAMETER

CONFIG FILE

DEFAULT VALUE

DESCRIPTION

Use FTP for Web publishing

N/A

No

Sets home directory to SYS:/APACHE2/HTDOCS/FTPWEBS . Lets content publishers copy files to a Web server via FTP.

Default home server

DEFAULT_USER_HOME-SERVER

Server where FTP is running

Specifies the name of the server that the default home directory is on.

Default home directory

DEFAULT_USER_HOME

SYS:\PUBLIC

The default home directory for FTP users.

Always use Default Home Directory instead of user's home directory from eDirectory

IGNORE_REMOTE_HOME

No

Specifies whether to ignore the home directory and go to the default directory.

Use FTP Default Home Directory if user's eDirectory home directory is not on the FTP server

IGNORE_HOME_DIR

No

Specifies whether to ignore the home directory, if it is on a remote server, and go to the default directory.

Default FTP context

DEFAULT_FTP_CONTEXT

N/A

Sets the container in which FTP server will look for users. This must be a fully distinguished container name in eDirectory (with leading dot).

Search List

SEARCH_LIST

N/A

A list of fully distinguished names of containers in which FTP users will be looked for, separated by commas. The length of this string including the commas should not exceed 2048 bytes. You can specify a maximum of 25 containers.

FTP user restrictions file

RESTRICT_FILE

SYS:/ETC/FTPREST.TXT

FTP server can define access restrictions to various levels of users, hosts, and so on. These restrictions are defined in a file, which can be specified here.

Anonymous users

ANONYMOUS_ACCESS

No

Specifies whether anonymous user access is allowed.

Anonymous user directory

ANONYMOUS_HOME

SYS:/PUBLIC

The Anonymous user's home directory.

Require email for password

ANONYMOUS_PASSWORD_REQUIRED

Yes

Specifies whether to ask for an email ID as the password for Anonymous user to log in.

Security Settings

Click the Security tab to access intruder detection parameters for FTP server. When finished, click Save to record your settings or click Reset to revert to the previous settings. Table 10.3 lists the available security settings, with a brief description and the equivalent setting in the configuration file.

Table 10.3. Security Settings in Web Manager

PARAMETER

CONFIG FILE

DEFAULT VALUE

DESCRIPTION

Intruder list

N/A - Clear

N/A

Clears the [button] intruder list that is maintained by FTP server.

Host intruder detection

See next parameter

Yes

Turns intruder detection on/off for other FTP hosts that access the FTP server.

Login attempts for host intruder detection

INTRUDER_HOST_ATTEMPTS

20

The number of unsuccessful login attempts for intruder host detection. When set to 0, intruder host login detection is disabled.

Login disable time after detection

HOST_RESET_TIME

5

Time interval in minutes during which the intruder host is not allowed to log in.

User intruder detection

See next parameter

Yes

Turns intruder detection for FTP clients that access FTP server.

Login attempts for user intruder detection

INTRUDER_USER_ATTEMPTS

5

The number of unsuccessful login attempts for intruder host detection. When set to 0, intruder host login detection is disabled.

Login disable time after detection

USER_RESET_TIME

10

Time interval in minutes during which the intruder user is not allowed to log in.

Log Settings

Click the Log tab to access log file parameters for FTP server. All FTP logs are created automatically. You control only the types of messages that are logged and how large the log files will grow. When finished, click Save to record your settings. You can also view current log files by selecting the log you want to see and clicking the View button.

Table 10.4 lists the available log settings, with a brief description and the equivalent setting in the configuration file.

Table 10.4. Log Settings in Web Manager

PARAMETER

CONFIG FILE

DEFAULT VALUE

DESCRIPTION

Log directory

FTP_LOG_DIR

SYS:\ETC

Specifies the directory in which FTP log files will be stored.

Maximum log size (KB)

MAX_LOG_SIZE

1024

Maximum size to which an FTP log file will grow. Range from 1KB to 4194303KB.

Messages of type

LOG_LEVEL

Errors, Warnings, and Information

Indicates the types of messages that are logged.

Daemon log file

FTPD_LOG

ftpd

Specifies the name of the FTP daemon log file.

Audit log file

AUDIT_LOG

ftpaudit

Specifies the name of the FTP audit log file.

Intruder log file

INTRUDER_LOG

ftpintr

Specifies the name of the FTP intruderlog file.

Statistics log file

STAT_LOG

ftpstat

Specifies the name of the FTP statistics log file.

To view any of the log files mentioned in Table 10.4, select it from the Log File drop-down menu and click the View button.

This information will give you an FTP server suitable for use with NetDrive, which was discussed earlier in this chapter. For more information on using an FTP server in more general situations, see the NetWare 6.5 online documentation.



Novell NetWare 6. 5 Administrator's Handbook
Novell NetWare 6.5 Administrators Handbook
ISBN: 0789729849
EAN: 2147483647
Year: 2002
Pages: 172

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net