I've done a first version of a modified pure-ftpd to enable logging of ftp traffic and disabling anonymous login.
Needed modules:
SSHD, SYSUSER, META
FTP has to be enabled on N5200
To do this pure-ftps has to be recompiled, cause the advanced logging features are not part of the FW. I have done this with UBUNTU 6.10.
Steps :
- fetch version 1.0.21
- unpack it
- changed to the created dir pure-ftpd-1.0.21
- following commands:
export LDFLAGS=-static
./configure --with-everything --with-rfc2640 --with-largefiles --with-virtualchroot--without-capabilities --without-pam
make
Then the needed files pure-authd, pure-ftpd and pure-ftpwho can be found then in the src subdirectory.
Create via Webinterface a Folder named PUREFTPD on N5200
Copy the above mentioned files to that folder
Create an empty file pureftpd.log in that directory
Copy the file /img/bin/rc/rc.ftpd to /raid/data/module/META/system/etc/startup/new.ftpd
Now modify here the start section (do not edit it with notepad from windows, cause the file has to be linux style)
Old code:
New Code:
The changes are:
-AHE -> disable here anonymous login
-O stats....... -> specify log file here
- point to new pure-ftpd and pure-authd executables
check now if the new.ftpd executable bit is set, if not chmod it.
check now if the pure-ftpd, pure-ftpd and pure-ftpwho executable bits are set, if now chmod it
Now, the running ftp server can be stopped with:
./new.ftpd stop (you have to be in /raid/data/module/META/system/etc/startup directory)
And now start the new one with:
./new.ftpd start
There is no need for a shutdown script in the shutdown area of the META module, cause the standard rc.ftpd is used for shutdown. The original pure-ftpd is not started, cause the META module is called before that and then the original pure-ftpd can not start.
With the command /raid/data/PUREFTPD/pure-ftpwho -v the actual connected ftp clients can be seen.
For those of You, who don't want to compile and edit the files all can be downloaded here
www.futterknecht.at/Peter/Download/newpureftpd.zipPlease don't edit them from Windows, unzip and copy them in the created PUREFTPD folder.
Login to the N5200
Check and set if needed the executable bits
copy the new.ftpd to the startup section of the META module and set the executable bit
stop the running pure-ftpd with ./new.ftpd stop
start the new one with ./new.ftpd start
(on a reboot the start of the new is done automatically)
Next planned steps:
create a module out of it - so no other modules are needed and no folder has to be created
Access to log file via module preferences
Access to ftpwho output via module preferences (fortunatly it is able to create a WEB page as output)
This current step is more or less a study or quick hack, I've tested it more or less in my environment and it is running stable - but of course I can give no guarantee that it is working 100%.
br
Peter
andreas : I know it's complicated, but it's easy to try with the META module