Your IP : 3.135.198.165
<!DOCTYPE html>
<html>
<head>
<title>ProFTPD module mod_redis</title>
</head>
<body bgcolor=white>
<hr>
<center>
<h2><b>ProFTPD module <code>mod_redis</code></b></h2>
</center>
<hr><br>
<p>
The <code>mod_redis</code> module enables ProFTPD support for caching data in
<a href="https://redis.io">Redis</a> servers, using the
<a href="https://github.com/redis/hiredis">hiredis</a> client library.
<h2>Directives</h2>
<ul>
<li><a href="#RedisEngine">RedisEngine</a>
<li><a href="#RedisLog">RedisLog</a>
<li><a href="#RedisLogOnCommand">RedisLogOnCommand</a>
<li><a href="#RedisServer">RedisServer</a>
<li><a href="#RedisTimeouts">RedisTimeouts</a>
</ul>
<hr>
<h3><a name="RedisEngine">RedisEngine</a></h3>
<strong>Syntax:</strong> RedisEngine <em>on|off</em><br>
<strong>Default:</strong> RedisEngine off<br>
<strong>Context:</strong> server config, <code><VirtualHost></code>, <code><Global></code><br>
<strong>Module:</strong> mod_redis<br>
<strong>Compatibility:</strong> 1.3.6rc5 and later
<p>
The <code>RedisEngine</code> directive enables or disables the
<code>mod_redis</code> module, and thus the configuration of Redis support for
the <code>proftpd</code> daemon.
<p>
<hr>
<h3><a name="RedisLog">RedisLog</a></h3>
<strong>Syntax:</strong> RedisLog <em>path|"none"</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code><VirtualHost></code>, <code><Global></code><br>
<strong>Module:</strong> mod_redis<br>
<strong>Compatibility:</strong> 1.3.6rc5 and later
<p>
The <code>RedisLog</code> directive is used to specify a log file for
<code>mod_redis</code>'s reporting on a per-server basis. The
<em>file</em> parameter given must be the full path to the file to use for
logging.
<p>
Note that this path must <b>not</b> be to a world-writable directory and,
unless <code>AllowLogSymlinks</code> is explicitly set to <em>on</em>
(generally a bad idea), the path must <b>not</b> be a symbolic link.
<p>
<hr>
<h3><a name="RedisLogOnCommand">RedisLogOnCommand</a></h3>
<strong>Syntax:</strong> RedisLogOnCommand <em>commands format-name</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code><VirtualHost></code>, <code><Global></code><br>
<strong>Module:</strong> mod_redis<br>
<strong>Compatibility:</strong> 1.3.6rc5 and later
<p>
The <code>RedisLogOnCommand</code> directive configures the use of Redis for
<em>logging</em>. Whenever one of the comma-separated list of <em>commands</em>
occurs, <code>mod_redis</code> will compose a JSON object, using the
<a href="mod_log.html#LogFormat"><code>LogFormat</code></a> named by
<em>format-name</em> as a <i>template</i> for the fields to include in the
JSON object. The JSON object of that event will then be appended to a list
stored in Redis, using <em>format-name</em> as the key name. Multiple
<code>RedisLogOnCommand</code> directives can be used, for different log formats
for different events.
<p>
More on the use of Redis logging, including a table showing how
<code>LogFormat</code> variables are mapped to JSON object keys can be found
<a href="#Logging">here</a>.
<p>
Example:
<pre>
LogFormat file-transfers "%h %l %u %t \"%r\" %s %b"
RedisLogOnCommand APPE,RETR,STOR,STOU file-transfers
LogFormat sessions "%{iso8601}"
RedisLogOnCommand CONNECT,DISCONNECT sessions
</pre>
<p>
In addition to specific FTP commands, the <em>commands</em> list can specify
"ALL", for logging on <b>all</b> commands. Or it can <i>include</i> the
"CONNECT" and "DISCONNECT" <i>commands</i>, which can be useful for logging the
start and end times of a session. <b>Note</b> that
<code>RedisLogOnCommand</code> does <b>not</b> currently support the logging
<i>classes</i> that the <code>ExtendedLog</code> directive supports.
<p>
<hr>
<h3><a name="RedisServer">RedisServer</a></h3>
<strong>Syntax:</strong> RedisServer <em>server [password]</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code><VirtualHost></code>, <code><Global></code><br>
<strong>Module:</strong> mod_redis<br>
<strong>Compatibility:</strong> 1.3.6rc5 and later
<p>
The <code>RedisServer</code> directive is used to configure the IP address/port
of the Redis server that the <code>mod_redis</code> module is to use. For
example:
<pre>
RedisServer 1.2.3.4:6379
</pre>
or, for an IPv6 address, make sure the IPv6 address is enclosed in square
brackets:
<pre>
RedisServer [::ffff:1.2.3.4]:6379
</pre>
<p>
Alternatively, you can configure a Unix domain socket path using <i>e.g.</i>:
<pre>
RedisServer /var/run/redis.sock
</pre>
<p>
An optional <em>password</em> parameter can be provided, for Redis servers
which are password protected.
<p>
<hr>
<h3><a name="RedisTimeouts">RedisTimeouts</a></h3>
<strong>Syntax:</strong> RedisTimeouts <em>connect-millis io-millis</em><br>
<strong>Default:</strong> RedisTimeouts 500 500<br>
<strong>Context:</strong> server config, <code><VirtualHost></code>, <code><Global></code><br>
<strong>Module:</strong> mod_redis<br>
<strong>Compatibility:</strong> 1.3.6rc5 and later
<p>
The <code>RedisTimeouts</code> directive configures timeouts to be used
when communicating with the Redis server. The <em>connect-millis</em>
parameter specifies a timeout, in milliseconds, to use when first
connecting to the Redis server. The <em>io-millis</em> parameter specifies
a timeout, in milliseconds, to use both when sending commands to Redis, and
when reading responses.
<p>
The default is 500 milliseconds for both timeouts:
<pre>
RedisTimeouts 500 500
</pre>
<p>
<hr>
<h2><a name="Installation">Installation</a></h2>
The <code>mod_redis</code> module is distributed with ProFTPD. To enable
support and use of the Redis protocol in your <code>proftpd</code> daemon,
use the <code>--enable-redis</code> configure option:
<pre>
$ ./configure --enable-redis ...
$ make
$ make install
</pre>
This option causes the <code>mod_redis</code> module to be compiled into
<code>proftpd</code>.
<p>
You may also need to tell <code>configure</code> how to find the
<code>hiredis</code> header and library files:
<pre>
$ ./configure --enable-redis \
--with-includes=<i>/path/to/hiredis/include</i> \
--with-libraries=<i>/path/to/hiredis/lib</i>
</pre>
<p>
<hr>
<h2><a name="Usage">Usage</a></h2>
<p>
Configuring Redis for use by other modules, <i>e.g.</i> <code>mod_ban</code>
or <code>mod_tls_redis</code>:
<pre>
<IfModule mod_redis.c>
RedisEngine on
RedisLog /var/log/ftpd/redis.log
RedisServer 127.0.0.1:6379
</IfModule>
</pre>
<p>
This example shows the use of Redis logging for <em>all</em> commands:
<pre>
<IfModule mod_redis.c>
RedisEngine on
RedisLog /var/log/ftpd/redis.log
RedisServer 127.0.0.1:6379
LogFormat redis "%h %l %u %t \"%r\" %s %b"
RedisLogOnCommand ALL redis
</IfModule>
</pre>
<p><a name="Logging"></a>
<b>Redis Logging</b><br>
When using Redis logging, the following table shows how <code>mod_redis</code>
converts a <code>LogFormat</code> variable into the key names in the JSON
logging objects:
<table border=1 summary="Redis LogFormat Variables">
<tr>
<td><b><code>LogFormat</code> Variable</b></td>
<td><b>Key</b></td>
</tr>
<tr>
<td> <code>%A</code> </td>
<td>anon_password</td>
</tr>
<tr>
<td> <code>%a</code> </td>
<td>remote_ip</td>
</tr>
<tr>
<td> <code>%b</code> </td>
<td>bytes_sent</td>
</tr>
<tr>
<td> <code>%c</code> </td>
<td>connection_class</td>
</tr>
<tr>
<td> <code>%D</code> </td>
<td>dir_path</td>
</tr>
<tr>
<td> <code>%d</code> </td>
<td>dir_name</td>
</tr>
<tr>
<td> <code>%E</code> </td>
<td>session_end_reason</td>
</tr>
<tr>
<td> <code>%{<em>name</em>}e</code> </td>
<td>ENV:<em>name</em></td>
</tr>
<tr>
<td> <code>%F</code> </td>
<td>transfer_path</td>
</tr>
<tr>
<td> <code>%f</code> </td>
<td>file</td>
</tr>
<tr>
<td> <code>%{file-modified}</code> </td>
<td>file_modified</td>
</tr>
<tr>
<td> <code>%g</code> </td>
<td>group</td>
</tr>
<tr>
<td> <code>%{gid}</code> </td>
<td>gid</td>
</tr>
<tr>
<td> <code>%H</code> </td>
<td>server_ip</td>
</tr>
<tr>
<td> <code>%h</code> </td>
<td>remote_dns</td>
</tr>
<tr>
<td> <code>%I</code> </td>
<td>session_bytes_rcvd</td>
</tr>
<tr>
<td> <code>%{iso8601}</code> </td>
<td>timestamp</td>
</tr>
<tr>
<td> <code>%J</code> </td>
<td>command_params</td>
</tr>
<tr>
<td> <code>%L</code> </td>
<td>local_ip</td>
</tr>
<tr>
<td> <code>%l</code> </td>
<td>identd_user</td>
</tr>
<tr>
<td> <code>%m</code> </td>
<td>command</td>
</tr>
<tr>
<td> <code>%{microsecs}</code> </td>
<td>microsecs</td>
</tr>
<tr>
<td> <code>%{millisecs}</code> </td>
<td>millisecs</td>
</tr>
<tr>
<td> <code>%{note:<em>name</em>}</code> </td>
<td>NOTE:<em>name</em></td>
</tr>
<tr>
<td> <code>%O</code> </td>
<td>session_bytes_sent</td>
</tr>
<tr>
<td> <code>%P</code> </td>
<td>pid</td>
</tr>
<tr>
<td> <code>%p</code> </td>
<td>local_port</td>
</tr>
<tr>
<td> <code>%{protocol}</code> </td>
<td>protocol</td>
</tr>
<tr>
<td> <code>%r</code> </td>
<td>raw_command</td>
</tr>
<tr>
<td> <code>%S</code> </td>
<td>response_msg</td>
</tr>
<tr>
<td> <code>%s</code> </td>
<td>response_code</td>
</tr>
<tr>
<td> <code>%T</code> </td>
<td>transfer_secs</td>
</tr>
<tr>
<td> <code>%t</code> </td>
<td>local_time</td>
</tr>
<tr>
<td> <code>%{transfer-failure}</code> </td>
<td>transfer_failure</td>
</tr>
<tr>
<td> <code>%{transfer-status}</code> </td>
<td>transfer_status</td>
</tr>
<tr>
<td> <code>%U</code> </td>
<td>original_user</td>
</tr>
<tr>
<td> <code>%u</code> </td>
<td>user</td>
</tr>
<tr>
<td> <code>%{uid}</code> </td>
<td>uid</td>
</tr>
<tr>
<td> <code>%V</code> </td>
<td>server_dns</td>
</tr>
<tr>
<td> <code>%v</code> </td>
<td>server_name</td>
</tr>
<tr>
<td> <code>%{version}</code> </td>
<td>server_version</td>
</tr>
<tr>
<td> <code>%w</code> </td>
<td>rename_from</td>
</tr>
</table>
<p>
In addition to the standard <code>LogFormat</code> variables, the
<code>mod_redis</code> module also adds a "connecting" key for events
generated when a client first connects, and a "disconnecting" key for events
generated when a client disconnects. These keys can be used for determining
the start/finish events for a given session.
<p>
Here is an example of the JSON-formatted records generated, using the above
example configuration:
<pre>
{"connecting":true,"timestamp":"2013-08-21 23:08:22,171"}
{"command":"USER","timestamp":"2013-08-21 23:08:22,278"}
{"user":"proftpd","command":"PASS","timestamp":"2013-08-21 23:08:22,305"}
{"user":"proftpd","command":"PASV","timestamp":"2013-08-21 23:08:22,317"}
{"user":"proftpd","command":"LIST","bytes_sent":432,"transfer_secs":4.211,"timestamp":"2013-08-21 23:08:22,329"}
{"user":"proftpd","command":"QUIT","timestamp":"2013-08-21 23:08:22,336"}
{"disconnecting":true,"user":"proftpd","timestamp":"2013-08-21 23:08:22,348"}
</pre>
Notice that for a given event, not <i>all</i> of the <code>LogFormat</code>
variables are filled in. If <code>mod_redis</code> determines that a given
<code>LogFormat</code> variable has no value for the logged event, it will
simply omit that variable from the JSON object.
<p>
Another thing to notice is that the generated JSON object ignores the textual
delimiters configured by the <code>LogFormat</code> directive; all that
matters are the <code>LogFormat</code> variables which appear in the directive.
<p><a name="FAQ"></a>
<b>Frequently Asked Questions</b><br>
<p><a name="SQLLog"></a>
<font color=red>Question</font>: How can I convert this SQL logging into the
equivalent Redis logging?
<pre>
SQLNamedQuery upload FREEFORM "INSERT INTO ftplogs ('userid', 'server_ip', 'transfer_date', 'operation', 'protocol', 'client_ip', 'transfer_time', 'bytes_transfer', 'file_hash_type', 'file_hash', 'file_path', 'transfer_status') VALUES ('%u', '%H', NOW(), '%r', '%{protocol}', '%a', '%T', '%b', '%{note:mod_digest.algo}', '%{note:mod_digest.digest}', '%f', '%{transfer-status}')"
SQLLog STOR upload
</pre>
<font color=blue>Answer</font>: Since the JSON object key names are hardcoded
in <code>mod_redis</code>, converting the above <code>SQLNamedQuery</code>
into a suitable/matching <code>LogFormat</code> is the necessary step. Thus
for example it might become:
<pre>
LogFormat upload "%u %H %{YYYY-MM-DD HH:MM:SS}t %r %{protocol} %a %T %b %{note:mod_digest.algo} %{note:mod_digest.digest} %f %{transfer-status}"
RedisLogOnCommand STOR upload
</pre>
<b>Note</b> that <code>LogFormat</code> does not provide a <code>NOW()</code>
function, unlike many SQL databases, thus the <code>%t</code> variable is
needed to provide/fill in that timestamp.
<p>
<hr>
<font size=2><b><i>
© Copyright 2017 The ProFTPD Project<br>
All Rights Reserved<br>
</i></b></font>
<hr>
</body>
</html>