                      jftpgw - Joe's FTP Proxy/Gateway

  ------------------------------------------------------------------------

Hi there. This is jftpgw - Joe's FTP Proxy/Gateway.

Features:

jftpgw supports the following features:

   * Active as well as passive FTP transfers (the mode between the client
     and the proxy may differ from the mode between proxy and real ftp
     server)
   * Logging of connection attempts
   * Access control features, you can specify the user names that may
     connect from a specific host or IP range to another specific host or IP
     range.
   * If run as root, it drops the privileges as often as possible (anybody
     familiar with writing programs run as root? I am not!)
   * You can pretend to run a real ftp server (see defaultforward option)
   * Other forward (UserAlias) features are also possible. So you may
     specify an alias for a user with a password and jftpgw logs in to the
     real server as another user with another password.
   * Specify how many users are allowed to log in from which IP ranges
   * The throughput rate can be throttled according to which user logs in to
     which server
   * Several logfile options are provided: You can specify the issued
     commands you want to have logged in one file or more files (with
     different sets of commands to log) as well as a logfile for a whole ftp
     session
   * Various login strings are possible. You can even use another ftp proxy
     between jftpgw and the real FTP server (see below)
   * jftpgw runs as a daemon and rereads its configuration files in case it
     receives a SIGHUP
   * Regular users can run the proxy server on unprivileged ports as well
   * jftpgw is free in the sense of the GNU General Public License

Usage, Hints:

The codesize is very small, so you won't have difficulties to look through
it.
First, check the jftpgw.h file for the path of the main configuration file
(jftpgw.conf). The default location is /etc/jftpgw.conf but you may want to
change it if you don't have superuser privileges on the machine you intend
to run jftpgw.
There is one option called "accessfile" which specifies the location of the
access control file. All of the options of both files are documented within
them.
You may especially want to change the options "showserveraddr" and
"showclientaddr" as well as "bindport".
To use jftpgw, ftp to the bound address on the port jftpgw bound to (see
"bindport" option) and log in with one of the following strings:
user@host,port or user@host:port (or user,host,port or user,host:port)
So you can also use a browser like Netscape, say jftpgw runs on foo.bar.com
on port 2370 and you want to connect to sunsite.unc.edu, type in that URL:
ftp://anonymous,sunsite.unc.edu@foo.bar.com:2370
Thereafter you are prompted for the password. It would be no problem to
specify it as well but if you intend to send your e-Mail address as the
password, Netscape might get confused because of the `@'.
ftp://user,targethost,3454:passwd@foo.bar.com:2370 is a valid URL for
Netscape, connects to foo.bar.com on port 2370, logs in to targethost as
user user on port 3454 and sends passwd as the password.
As an advanced option you may also specify the mode (active or passive ftp)
you want the proxy to talk to the real server if it should differ from the
"defaultmode" option specified in the configuration file. So, if you are
using a web browser that uses passive ftp and you want to connect to a
server that can only handle active ftp you can add a :a or ,a to the login
string for active ftp between the proxy and the real server or a :p or ,p
for passive ftp. Thus, our example from above becomes:
ftp://user,targethost,3454,a:passwd@foo.bar.com:2370

If you want to use jftpgw with another FTP proxy, you can embrace the user
name in quotation marks in the login string as in "user@host"@jftpgwhost.

You can send the main jftpgw program (the one you started first) a SIGHUP
signal. This causes the server to reread the configuraton files for further
connects. jftpgw processes that are handling a connection are not affected
by this signal.

Download:

jftpgw is available here: http://www.mcknight.de/jftpgw/jftpgw-0.0.8.tar.gz

jftpgw is GPL software

Bugs, Suggestions, Patches:

Since this is really the first program with sockets I've ever written, I
guess there are still some bugs. If you find one, please tell me about, or
try to solve it for yourself and send me a patch. I really appreciate any
feedback from the users.

You can reach me via joe@mcknight.de.

About the author:

My name is Joachim Wieland, I'm 19 years old and I'm living in Germany in
Northern Bavaria near to Wrzburg. At the moment, I'm doing my civil service
(instead of a military service). My hobbies include jogging, riding my bike,
programming (of course ;-), Unix/Linux, music and going out... ;-) If you
want to know more about me or if you think you have something interesting to
talk about to me, feel free to contact me, I'm always happy if I receive a
mail from someone and if I make new acquaintances.

History:

Some time ago a friend accosted me and asked for an ftp proxy. His Linux box
is masqueraded by another one but he still wanted to share his FTP server
with the public. I searched the net, found a nice proxy in the fwtk package,
but it had problems with passive ftp (v2.0) and there was another annoying
thing I don't remember now. So I promised him to write my own FTP Proxy, and
well, in one week I did the hack. The program was enough for his needs, but
I enhanced it more and here is the result.

Have fun with jftpgw,
Joachim

  ------------------------------------------------------------------------
                      Joachim Wieland, May 14th, 2000
  ------------------------------------------------------------------------
