







 
                      F R E E W A R E


                   F T P   Server NLM for

                  Novell Netware 3.1x, 4.xx

  
                 Copyright 1992, by HellSoft


    Comments and bugs to "meloun@vision.felk.cvut.cz"
      New versions: "nw311/ftpd:novell.felk.cvut.cz"


         Written at Czech Technical University,
                 Prague, Czech Republic
                       E U R O P E






















  Introduction and Features

This FTPD server allows Internet access to Novell network.
It is written according to RFC959 specification.


Features: - Up to 32 concurrent connections
          - Anonymous connection
          - Transactions logins
          - Access restrictions
          - Access to other Novell servers, including servers running
            versions lower than 3.11.
          - On-line info when logging and changing directories
          - MAC name space and MACBINARY transfer supported
	  - LAN Workplace compatibility

If you have more than one Novell server in your network, it is possible run
FTP on only one of them. FTPD allows to login to another server by entering
the Netware server name together with the user name ("server123/user").

System requirements
 FTPD NLM requires Novell Netware Server v3.11. Modules CLIB.NLM, TCPIP.NLM
 and RESOLV.NLM must be loaded. (RESOLV.NLM is avaliable at "novell.felk.cvut.cz" 
 in directory  "/pub/nw311/resolv"). RESOLV.NLM does the name translation, but
 if you have no name server you must run RESOLV.NLM anyway, with no parameters.


Loading of the FTPD server:

 load  [path]FTPD {use [file]} {connections [number]}


  use [file]
    Specifies configuration file name.
    Default: sys:system/ftpd.cfg

      load ftpd use sys:system/ftpd/config.ftp


  connections [number]
    Determines maximum number of concurrent connections.
    Default: 5
    Maximum: 32

     load ftpd connections 20


FTPD Command line:
 ftpd enable disable use {file}.

   ftpd enable
     Enables creating of new connections.

   ftpd disable
     Disables creating of new connections. This has no effect on
     connections already active.


   ftpd use {file}
     Re-reads the configuration file. The command "Connections" (see below)
     is ignored, e.g. the number of connections cannot be changed after
     loading FTPD server.
   
   ftpd show
    Display active clients.


Configuration file

 All empty lines and characters right to the '#' are ignored.

 Command
  Connections [number]

   Determines maximum number of concurrent connections. The command 
   line parameter takes precedence if it is given.

    Connections	20

   
 Command
  BannerFile [filename]
  
   It determines the file to display before the user has logged in. This
   file must be on the server running FTPD.NLM and must be defined with 
   full path name ("volume:directory/directory/file"). It is read with 
   supervisor's rights.

    BannerFile 	sys:system/banner.ftp


 Command
  MaxAnonymous [number]
  
   Determines maximum allowed anonymous connections. This value should be 
   in range 1 to "Connections". If you don't want anonymous access,
   don't create anonymous account.

    MaxAnonymous 15   
   
 Command
  Community [name]

   This command provides access control. Every new connection is
   assigned a community according to its host IP address. There are
   two predefined communities: "default" and "anonymous". The "default"
   community is assigned to a connection not matching any other
   community, the "anonymous" community is assigned to all connections
   of the "anonymous" users. The number of communities is limited to 20.

   Subcommands of the Community command
     Subcommand Address [ip address]

      Determines IP address of connections belonging to this
      community. This command must not be used with pre-defined "default"
      and "anonymous" communities and, on the other hand, must be
      used with all other communities. Up to 20 address per community allowed.

      Address       147.32.14.1
      Address       147.32.*
      Address       147.*.14.*
      Address	    *.felk.cvut.cz
      Address	    *.felk.*
     

    Subcommand Allow [{server_name/}user_login_name]
    Subcommand Deny [{server_name/}user_login_name]

      Determines access restrictions for the community. Maximum
      number of Allow and Deny subcommands in one community is 20.
      User name entered at connect time is matched against listed
      templates in ascending order. When the match is found the access
      is allowed or denied according to the command. If no match is
      found the access is denied. If no "Allow" or "Deny" command was
      used the access is allowed.

       Allow            servername/user1
       Deny             */*
       Allow            server*/any
       Deny             ser*abc/def*ght*


    Subcommand ConnectTime [min]

      Determines maximum connection time in minutes. The connection
      is terminated when time has elapsed after active command is
      completed.

      ConnectTime      30

    Subcommand IdleTime [min]

      Determines maximum time in minutes when the connection is idle.
      The connection is terminated after being idle too long.

      IdelTime      3

    Subcommand ReadOnly
      This restricts access to read only.


    Subcommand LogFile [file]
      This determines location of the log file. The file must be on
      the server where FTPD is running. The user needs no rights for the
      file. If a directory is specified it must exist. The file length is
      not limited.

      Deafult: for "default" community          sys:system\default.log
               pro "anonymous" community        sys:system\anonym.log

      LogFile            sys:logs\ftp.log


    Subcommand LogLevel [num]
      This subcommand controls actions written to the log file.
      Level 0 - no log
      Level 1 - not used
      Level 2 - login, logout and abort info
      Level 3 - level 2 plus outgoing files info
      Level 4 - level 3 plus incoming files info
      Level 8 - log all commands

      Deafult: for "default" community          0
               for "anonymous" community        2


      LogLevel      4


    Subcommand CommentsFile [filename]
      Determines the file to display after the completion of "CWD"
      command. This file must be in the new current directory set by CWD
      and the user must have rights for reading. There must be no
      path given, only the filename.

      Default: none

          CommentsFile      README.TXT

    Subcommand LogoFile [file]
      Determines the file to display after the user has logged in.
      This file must be on the server where the user has logged in
      and the user must have rights for reading. Full NetWare
      pathname must be specified, but no server name.

      Default: none
     
         LogoFile	   sys:public/logofile.txt
    

    Subcommand ShortLS
      This subcommand determines whether directory entries are visible 
      or invisible in ls (NLST) command. User may control this option via 
      SITE LONGLS (or QUOTE SITE LONGLS) and SITE SHORTLS 
      (or QUOTE SITE SHORTLS) site specific commands.
      
      Default: Directory entries are visible in ls command.

        ShortLS

    Subcommand HomeDir [directory]
      Overrides standard home directory determination processing and
      sets given home directory for the community.
      
      Default: standard processing(see below).
        
        HomeDir  users:anydir/thisdir
      
      
    Subcommand MacNameSpace
      Determines default name space for this community.

      Default: DOS name space
       
        MacNameSpace      


Non-standard FTP commands

  The FTP Server implemets this site specific commands.
   SITE LONGLS
     This command causes directory entries to be visible in ls (NLST)
     command. 

   SITE SHORTLS
     This command causes directory entries to be invisible in ls (NLST)
     command.
    Motivation: Directory entries may cause problems with MGET command.
     
   SITE MAC
     Set the name space to Macintosh.

   SITE DOS
     Set the name space to DOS.

   MACB E and MACB D
     This command switch between BINARY and MACBINARY transfer mode.
     This has meaning only if Mac name space is selected.


Macros used in CommentFile and LogoFile files.
 All character sequences $[character] are macros. Macros are case sensitive
 and unknown macros are ignored.
 Macro			Expansion

  $f		Novell name of server running FTPD

  $s		Internet name of server running FTPD

  $u		Novell user name, or user name from ID for anonymous.

  $h		IP full host name or IP address when host name cannot be
		resolved.

  $a		Anonymous ID for anonymous users, empty string otherwise.

  $t		Local time in form "Mon Oct 20 11:32:54 1992".
		(without quotes)
  
  $n		Number of logged FTP clients.

  $w            "Warning, I cannot map your network address to hostname." 
 	        if user address cannot be mapped to hostname,
                empty string otherwise.

  $m		Empty string for non-anonymous users.
		For anonymous user:
  	         if address cannot be mapped to hostname
                  "Warning, I cannot map your network address to hostname." 
		 if anonymous id not valid e-mail address expand to
                  "Please, next time use name@hostname as an anonymous id."
		  Hostname is substituted with user hostname.
		Valid anonymous id is name@ or name@hostname.domain


Hints:

 - When the user enters the '-' character as the first character of the
   password, no files specified by LogoFile and CommentsFile commands are
   displayed. This character is excluded from the password. Use this
   if your FTP client prints garbage or hangs.


 - Determining the user home directory:
    1) If there is the subcommand HomeDir specified for a community,
       user home directory is set to this directory.

    2) If the user has set the property HOME_DIR (by jrb utilites), current
        directory is set to the HOME_DIR directory.

    2) The server searches the trustee list for the user. If it finds
       a directory where the user has explicitly stated rights and the name
       of the directory matches the name of the user (only 8 characters are
       tested), it sets this directory as home directory.

 
 - The "cd ~" command changes current directory to user's home directory.
  
 - "Standard" Novell access restriction.
    All standard Novell access restrictions apply for FTP access,
    with this exception:
     Station restriction (network, node address) is ignored when user
     is logged on master server (server running FTPD). On remote servers,
     station restriction is accepted. (Sorry for this, but it is bug in
     Novell's CLIB [or feature :-) ]).
        
 - FTPD users are logged from internal IPX network of master server (server 
   running FTPD), node 1. This can be used for additional access restriction on
   remote servers. 

 - If you want to login to remote 386 server, it must have set the option
   "SET Reply To Get Nearest Server=ON". (Novell CLIB bug or feature ?)

 - Active FTP connection cannot be cleared from MONITOR.

 - Anonymous access
    To enable anonymous access you must create account "ANONYMOUS" 
    without password (on master server) and set the home directory and 
    trustees rights for this user (or use HomeDir subcommand for
    community Anonymous).
    
    If you want to restrict access to this account from local IPX
    network, you can use station restriction to restrict Anonymous to
    master server internal IPX network only.


 - DOS name space
    FTP daemon accepts two formats of file names. 

    First (and preferred) is Unix-like:
      /volume/dir/dir/filename.ext    	for full filename specification
     or
      dir/dir/filename.ext		for filename specification
                                        relative to current directory

   Second is Netware style:
     volume:/dir/dir/filename.ext	for full filename specification
     volume:dir/dir/filename.ext 

    or
     dir/dir/filename.ext     		for filename specification
					relative to current directory


- Mac name space
   If you have selected Mac name space, you must enter the filename
   like this (even when referring to DOS only name space volumes):

    :volume:folder:folder:filename      for full filename specification
   or
    folder:folder:filename		for filename specification 
					relative to current folder.

   If there's no added MAC name space on the target volume, the
   command is processed in DOS name space (colons are processed as
   slashes).

   There is no way to enter SITE commands from Mac graphic FTP
   clients. To be able to use Macs, set a community for them with Mac
   name space as default (with subcommand MacNameSpace).

   MACBINARY transfer mode is enabled as default (or it shouldn't be ?).

   The Mac name space is added after many requests. As I have no
   possibilty to test it with Mac here (we don't have any Macs), this
   should be taken only as the first attempt to make the FTPD
   Mac-compatible. Any help and feedback is very appreciated here.
 
