kungfoo... http://sourceforge.net/projects/kungfoo/


mod_kungfoo - A proftpd module with all the functions you could possible think of and don't really need.

Isn't it about time you could do basiclly anything in your ftpd? Well here is the answer, the mod_kungfoo project is aiming to include all the crasy functions you never thought of having in an ftpd... well seriouslly we might add one or two good once also.
The idea behind mod_kungfoo is too be able to manage an ftpd from the ftpf itself and have everything in a database (sql mostly).


properties: How they work
Properties can be set on users/groups and have a default value. When lookup of a property happens it will search the users properties first, then the groups properties and last the default value.

User -> Group -> Default

NOTE: Only primary group counts

In ftpd commands:
SITE SET [[USER/GROUP <NAME>] | DEFAULT] <PROPERTY_NAME> <VALUE...>


Support for adding users/groups online
Current in ftpd support for adding users/groups are based on mod_sql user/group table layout but will change to an mod_kungfoo specific layout (reason for own sql engine below). Its based on 3 tables namly users, groups and group_link. All in all only change from mod_sql table layout are that members are moved from an text based link to a ID -> ID group_link table which gives more flexibility when doing sql lookups. Current password encryption are based on mysql's PASSWORD() but will change to md5 when moving to the new sql engine.

In ftpd commands:
SITE ADDUSER <NAME> [PASS <PASSWORD>] [UID <UID>] [[GROUP <NAME>]/[GID <GID>]] [HOMEDIR <HOMEDIR>]
SITE ADDGROUP <NAME> [GID <GID>]


Command access control
Current command access control can only be set command wise (future release will be able to control access base also on what the users asks to do). It can be set to a user or group or to everyone and has the option to add no-access mening don't give access to a specified command. Altho not adding an access will refuse access the point of no-access will be clearer when you can say no to a special question and not the whole command itself.

In ftpd commands:
SITE ACCESS [USER/GROUP <NAME>]/ANY <COMMAND>/ANY
SITE NOACCESS [USER/GROUP <NAME>]/ANY <COMMAND>/ANY
SITE SHOW ACCESS [USER/GROUP <NAME>]/ANY/ALL
SITE CLEAR ACCESS [USER/GROUP <NAME>]/ANY <COMMAND>/ANY
SITE CLEAR NOACCESS [USER/GROUP <NAME>]/ANY <COMMAND>/ANY


IP ACL
Current ip acl can be set on users but in future will also be able to set on groups. NOTE only numeric ips are current supported and /SUBNET doesnt work yet. Properties ip_netmask_minimum and ip_require_ident affect the user adding the ips to another user, this is indented to force admins to use safer ident@hosts.

In ftpd commands:
SITE IP [USER/GROUP <NAME>]/ANY <X.X.X.X/HOST>[[/<SUBNET>] | [NETMASK <X.X.X.X>]] [IDENT <IDENT>]
SITE NOIP [USER/GROUP <NAME>]/ANY <X.X.X.X/HOST>[[/<SUBNET>] | [NETMASK <X.X.X.X>]] [IDENT <IDENT>]
SITE SHOW IP [USER <NAME>]/ANY/ALL
SITE CLEAR IP [USER <NAME>]/ANY <X.X.X.X/HOST>[[/SUBNET] | NETMASK <X.X.X.X>] [IDENT <IDENT>]
SITE CLEAR NOIP [USER <NAME>]/ANY <X.X.X.X/HOST>[[/SUBNET] | NETMASK <X.X.X.X>] [IDENT <IDENT>]

Properties assosiated:
ip_acl sets if you need ip acl to get in
ip_netmask_minimum minimum netmask able to add
ip_require_ident if ident is required when adding ip
ip_max_number max number of ips allowed on a user


Ratio support
Simple X:Y ratio on bytes is currently implemented but file ratio will added.

Properties assosiated:
ratio X:Y ratio
credit bytes you have left to use

...more to come

SourceForge.net Logo