NAME
webfsd - a lightweight http server
SYNOPSIS
webfsd [ options ]
DESCRIPTION
This is a simple http server for purely static content. You can use it
to serve the content of a ftp server via http for example. It is also
nice to export some files the quick way by starting a http server in a
few seconds, without editing some config file first.
OPTIONS
-h Print a short help text and the default values for all options.
If used as last option, the printout will reflect command line
choices.
-4 Use IPv4 only.
-6 Use IPv6 only.
-d Enable debug output.
-s Write a start/stop notice and serious errors to the syslog.
Specify this option twice to get a verbose log (additional log
events like dropped connections).
-t sec Set network timeout to >sec< seconds.
-c n Set the number of allowed parallel connections to >n<. This is
a per-thread limit.
-a n Configure the size of the directory cache. Webfs has a cache
for directory listings. The directory will be reread if the
cached copy is more than one hour old or if the mtime of the
directory has changed. The mtime will be updated if a file is
created or deleted. It will not be updated if a file is only
modified, so you might get outdated time stamps and file sizes.
-j Do not generate a directory listing if the index-file isn’t
found.
-y n Set the number of threads to spawn (if compiled with thread
support).
-p port
Listen on port >port< for incoming connections.
-r dir Set document root to >dir<.
-R dir Set document root to >dir< and chroot to >dir< before start
serving files. Note that this affects the path for the access
log file and pidfile too.
-f file
Use >file< as index file for directories. If a client asks for
a directory, it will get >file< as response if such a file
exists in the directory and a directory listing otherwise.
index.html is a frequently used filename.
-n hostname
Set the hostname which the server should use (required for
redirects).
-i ip Bind to IP-address >ip<.
-l log Log all requests to the logfile >log< (common log format).
Using "-" as filename makes webfsd print the access log to
stdout, which is only useful together with the -F switch (see
below).
-L log Same as above, but additional flush every line. Useful if you
want monitor the logfile with tail -f.
-m file
Read mime types from >file<. Default is /etc/mime.types. The
mime types are read before chroot() is called (when started with
-R).
-k file
Use >file< as pidfile.
-u user
Set uid to >user< (after binding to the tcp port). This option
is allowed for root only.
-g group
Set gid to >group< (after binding to the tcp port). This option
is allowed for root only.
-F Don’t run as daemon. Webfsd will not fork into background, not
detach from terminal and report errors to stderr.
-b user:pass
Set user+password for the exported files. Only a single
username/password combination for all files is supported.
-e sec Expire documents after >sec< seconds. You can use that to make
sure the clients receive fresh data if the content within your
document root is updated in regular intervals. Webfsd will send
a Expires: header set to last-modified time plus >sec< seconds,
so you can simply use the update interval for >sec<.
-v Enable virtual hosts. This has the effect that webfsd expects
directories with the hostnames (lowercase) under document root.
If started this way: "webfsd -v -r /home/web", it will look for
the file /home/web/ftp.foobar.org/path/file when asked for
http://ftp.FOObar.org:8000/path/file.
-x path
Use >path< as CGI directory. >path< is interpreted relative to
the document root. Note that CGI support is limited to GET
requests. The first character in the path string must be a
slash!
-S Secure web server mode. Warning: This mode is strictly for
https.
-C path
File to use as SSL certificate. This file must be in chained PEM
format, and may contain server certificate as well as RSA key,
but the latter can equally well be a separate entity, see -K.
-K path
File that contains the private key, if the key is not bundled
with the certificate.
-A path
Optional file containing CA-certificate and certificate chain.
-V Apply a verification procedure to the client certificate and
chain. These must, if this option is chosen, be supplied by any
client. Each chain member must pass verification, and must in
turn verify the next chain member. The validity time for the
client certificate is checked.
-Q ciphers
Specify acceptable cipher priorities for handshake, data
exchange, etc. The default value is NORMAL.
Webfsd can be installed suid root (although the default install isn’t
suid root). This allows users to start webfsd chroot()ed and to bind
to ports below 1024. Webfsd will drop root privileges before it starts
serving files.
Access control simply relies on Unix file permissions. Webfsd will
serve any regular file and provide listings for any directory it is
able to open(2).
AUTHOR
Gerd Knorr <kraxel@bytesex.org>
FreeBSD port by Charles F. Randall <cfr@pobox.com>
COPYRIGHT
Copyright (C) 1999,2000 Gerd Knorr <kraxel@bytesex.org>
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
675 Mass Ave, Cambridge, MA 02139, USA.
(c) 1999 Gerd Knorr webfsd(1)