-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 01 June 2003 03.48, Christopher Mahmood wrote:
* Rikard Johnels (rjhn@linux.nu) [030531 15:02]:
Is there a way to block specific users from my vsftp server?
If they aren't anonymous users then sure, see the the chroot_list_enable section of vsftpd.conf(5). If they are anonymous then there's not a whole lot you can do.
Sometimes i find users uploading stuff that are outside the agreement, and i want to be able to DISCONNECT them as they are trying to. I tried blocking them inthe firewall by adding a DROP rule to the specific IP But the transfer stayed up.
Perhaps you blocked the control connection and not the data connection?
proftpd had nice features to view connected users and drop them at will. But as far as i can see vsftp hasnt got those. :(
No, it doesn't. Lack of feature creep is one of the reasons vsftpd doesn't have the miserable security history that proftpd has. It's a pretty straightforward shell script to write a utility like that, especially if these are not anonymous users.
--
-ckm I think i was a bit unclear in my question. I want to be able to "kill" a user as he/she is uploading.
I used the line: iptables -A INPUT -s xxx.xxx.xxx.xxx -d 0/0 --proto all -j DROP" to drop the connection, but it failed to kill the trensfer. As for the shellscript to list connected users... (anonymous as well as users) How do i get about that? I am NOT a very good programmer.. In fact, i almost cant write code at all... ( I would want a script (eg. "ftp_drop" ) that would disconnect a specified user/IP from the ftp session. Also a "ftpwho" that lists the user and up/download status... Is this feasible att all? What "language" shall i use? Bash? Perl? Where can i find info on how to do that? (May not know how to write scripts like that, but eager to learn) - -- /Rikard - ------------------------------------------------------------------------------------ Rikard Johnels email : rjhn@linux.nu Web : http://www.rikjoh.com Mob : +46 70 464 99 39 - ------------------------ Public PGP fingerprint ---------------------------- < 15 28 DF 78 67 98 B2 16 1F D3 FD C5 59 D4 B6 78 46 1C EE 56 > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE+28LJWdS2eEYc7lYRArE1AKDCQvLa6dxQPEnJAT2g46JeekMzpACguUdU 9CpLOaYYpM80CeNgSkp2Z5A= =C2xP -----END PGP SIGNATURE-----