HOWTO: API/CLI into BPFTP Server

BulletProof FTP Server is an excellent FTP Server for Windows. With the recent development efforts in v2011, we thought it would be a good time to introduce some of the command-line-switches (CLI) for managing BPFTP Server from external programs, web-sites, scripts, etc.

NOTE: At times you’ll see BulletProof FTP Server for Windows referred to as “BPS”.

Let’s first start with a brief explanation of the binaries distributed with BulletProof FTP Server for Windows (BPS):

The default installation location for the program is located in the following location:
%PROGRAMFILES%\BulletProof FTP Server\

Depending on your version of Windows, %PROGRAMFILES% is expanded to the following for 32-Bit and 64-Bit versions of Windows:
C:\Program Files\BulletProof FTP Server\
C:\Program Files (x86)\BulletProof FTP Server\

Investigating this location will yield the following executables:
bpftpserver.exe – Main executable for the program
bpftpserver-adduser.exe – CLI to manipulating the User & Group Database
bpftpserver-service.exe – responsible for controlling BPS when it’s running as a Windows System Service
CSDispatcher.exe – used with “remote debug” for sending log-messages to our remote-server

MAIN EXECUTABLE

bpftpserver.exe [OPTION]

-reload
Will cause the running instance of BPS to reload the settings, users and group information.

-online
Take BPS online and ready for incoming connections.

-offline
Take BPS offline and disable the listener from answering incoming connections.

-exit
Terminate BPS and stop it’s execution on the system. All users will be forcibly disconnected.

-close
Keep BPS online and all active-connections maintain, but disable the listener; resuling in no *new* connections accepted.

-open
Renable the listener, allowing new connections to be accepted.

-startlogging
Start logging to the log-file defined in the software.

-stoplogging
Stop logging to the log-file.

-kickall
Kick all currently connected users off of the server.

-stat
Regenerate the statistics files for users in the system.

CLI ADDUSER

BulletProof FTP Server command-line utility 'bpftpserver-adduser.exe'
Copyright (c) 1998-2015 BulletProof Software LLC, All Rights Reserved.

Command-line utility to manipulate the USER and GROUP database for BulletProof FTP Server.

Usage: bpftpserver-adduser.exe [OPTION]…

Bulk Import (moreNew in Version 2013.1.0.7 – 2013-JUNE-26
–bulkimport=FILENAME.CSV
–bulkimport-help (reports a list of fields supported for CSV import)
–bulkimport-help-as-html (output HTML version of –bulkimport-help

-list=USERNAME[*,?]
-name=ACCOUNTNAME
-enabled
-disabled
-login=USERNAME
-group=GROUPNAME
-pswd=PASSWORD
-crypt
-access=PATH,ACCESSRIGHTS
-loginmsg=FILENAME
-speedlimit=[0,1]
-speedrcv=BYTES-PER-SECOND
-speedsnd=BYTES-PER-SECOND
-banfile=FILEMASK[,FILEMASK2,FILEMASK3,…]

Access = R(ead) W(rite) D(elete) A(ppend) M(ake) L(ist) S(ubdir) K(delete dir)

First -access will be Home Directory

Example :
C:\Program Files (x86)\BulletProof FTP Server\bpftpserver-adduser.exe -name=newuser -enabled -login=newlogin -pswd=newpass -group=demogroup -loginmsg=c:\login.txt -access=c:\ftproot\,RLS -banfile=+*.jpg,+*.gif

Some explanation of the behavior is important, specifically the “-access” parameter. In the above example the login of “newlogin” for the account “newuser” is given the directory of “c:\ftproot\”

We’ll break down the command-line, piece by piece

-name=newuser
While initially confusing, there’s a difference between an “account-name” and the “login-name”. The account-name refers to a “user-friendly” name for the account, such as “upstairs accountant” and “log-name” is the actual login that used to access the ftp-server; such as “accountant”.

-enabled
Will enable the account for login

-login=newlogin
The login-name for the user to use to access the ftp-server (see above not for -name)

-pswd=newpass
The password for the login

-group=demogroup
If the account belongs to a group, you can specify the name of the group (OPTIONAL)

-loginmsg=c:\login.txt
Will send a user-specific login-message via the protocol to the user after logging in (OPTIONAL)

-access=c:\ftproot\,RLS
Will add an access-right for the account to the directory c:\ftproot\ with the privledges of (R)ead,(L)ist,(S)ubdir . The first access-right specified will be the HOME-DIRECTORY for the user. Additional access-rights can be defined by use the “-access” parameter again. If you are specifying a user-account that already exists, then all access-rights for the account will be deleted and given the access-rights that you define here.

-banfile=+*.jpg,+*.gif
Will add a file-mask of files that the user-account is prohibited from uploading or downloading. (OPTIONAL)