External FTP Server

[Monk]

I decided that I hate the FTP server that is built into it. I have my reasons, but

 

Here's the SQL code for the server to allow for dirs, UID and stuff. I'm using pure-ftpd in production without any issues.

 

Enjoy!

 

MYSQLGetPW      SELECT MD5_Password as Password FROM tc_users WHERE User_ID="\L" AND status="1"

# Hackity Hack Hack! Better way to do this, but it works. 
# Allows for multiple services to show up when a user logins 
MYSQLGetDir     SELECT "c:\servers/\L/GameServers" AS Dir FROM tc_services WHERE USER_ID="\L" AND SERVER_IP="\I"

[Dan M]

Thank you Monk, I'm sure this will come in handy for the future

[maddanny]

I hope you didnt forgot to deny executable files uploading

[jcroom]

Great work Monk!

 

 

I hope you didnt forgot to deny executable files uploading

 

This isnt the actual FTP server, this is just going to get you the password and game directory so that you can integrate it with your own FTP server

[ECF]

Be careful with this code. You need to make sure that you have locked down the FTP server so users cannot access certain files etc... I know Monk will be security wise with it, but others users should not simply use it to connect to pure-ftpd.

[Monk]

I have Chroot enabled, and antiwarez enabled. The server runs with privsep, and it doesn't allow chmod. The server runs as a user (tcadmin) and it's completely secure.

 

I'm working on getting TLS enabled with this, which will be totally secure in upload config files with passwords in them.

[maddanny]

If you allow .exe or any executable file uploading, it's not secure.

And your idea has just a bad thing: each server is shown as its ID, not as IP:port, if a customer has more than one server, he might not be very happy

[Monk]

The ID isn't a big deal, I can script it to get created when a server is created. I am currently working on denying certain types of uploads, aka obeying what tcadmin deny's.

[ECF]

Just for curiousity sake Gary. What did you not like about the built in FTP?

[Monk]

On my other.. setup, ECF, it corrupts uploads for maps. Not really an issue that your fault, just my environment. Plus I thought it would be fun to do

 

Another thing is, I can centralize logging to see if people try and upload zip files with warez in them (it's happended before)

[ECF]

Freaking people try everything nowadays....

[jcroom]

Yep, just when I thought I have seen it all someone usually does something to top it.

[Monk]

This isn't bad, I think it's nifty, considering.

[ECF]

I meant the warez uploads Gary. Not the FTP.

[compiledI]

Ave, http://shysave.com/?said=t192