ProFTPD的配置文件proftpd.conf
在我们这个例子中,ProFTPD的配置文件在/opt/proftpd/etc目录中,就是proftpd.conf文件;您可以把它改名备份;
- [root@localhost ~]# cd /opt/proftpd/etc/
- [root@localhost etc]# mv proftpd.conf proftpd.confBAK
然后再新建一个 proftpd.conf 文件,内容如下;您可以对这个文件进行相应的调整;其中#号部份就是注掉的,不会生效;注意一下MySQL连接数据库部份;另外如果您不是把ProFTPD安装在了/opt/proftpd目录下,一些东西也是需要调整的;自己看着办吧;
- # This is a basic ProFTPD configuration file (rename it to
- # 'proftpd.conf' for actual use. It establishes a single server
- # and a single anonymous login. It assumes that you have a user/group
- # "nobody" and "ftp" for normal operation and anon.
- ServerName "My TestFTP" #这是您的FTP服务器的名字,自己写定
- ServerType standalone
- ServerAdmin xxxxx@xxxxxxxxxxx.com #这是管理员信箱,自己来写;
- DefaultServer On
- # Display message
- DisplayLogin /opt/proftpd/etc/ftplogin.msg
- #DisplayConnect /net/messages/ftp.pre
- #DisplayFirstChdir index.txt
- # Port 21 is the standard FTP port.
- Port 21
- # Limit users to login by username
- AllowAll
- # Umask 022 is a good standard umask to prevent new dirs and files
- # from being group and world writable.
- Umask 022
- # Limit login attempts
- #
- MaxLoginAttempts 5
- # Set the maximum number of seconds a data connection is allowed
- # to "stall" before being aborted.
- TimeoutStalled 600
- TimeoutLogin 900
- TimeoutIdle 600
- TimeoutNoTransfer 600
- # Set the user and group under which the server will run.
- User nobody
- Group nobody
- # To cause every FTP user to be "jailed" (chrooted) into their home
- # directory, uncomment this line.
- DefaultRoot ~
- # Users needs a valid shell
- #
- RequireValidShell off
- # Performance: skip DNS resolution when we process the logs...
- UseReverseDNS off
- # Turn off Ident lookups
- IdentLookups off
- # Restart session support
- #
- AllowStoreRestart on
- AllowRetrieveRestart on
- #-------- load sql.mod for mysql authoritative --------#
- SQLConnectInfo proftpd@localhost proftpd 123456
- #注:上面这行是MySQL连接服务器部份,自己根据情况来改一改;
- SQLAuthTypes Plaintext
- SQLUserInfo ftpusers userid passwd uid gid homedir shell
- SQLGroupInfo ftpgroups groupname gid members
- SQLAuthenticate users groups
- SQLNegativeCache on
- SQLHomedirOnDemand on
- SQLLogFile /var/log/proftpd.sql.log
- SQLNamedQuery getcount SELECT "count from ftpusers where userid='%u'"
- SQLNamedQuery getlastlogin SELECT "lastlogin from ftpusers where userid='%u'"
- SQLNamedQuery updatelogininfo UPDATE "countcount=count+1,host='%h',lastlogin=current_timestamp() WHERE userid='%u'" ftpusers
- SQLShowInfo PASS "230" "You've logged on %{getcount} times, last login at %{getlastlogin}"
- SQLLog PASS updatelogininfo
- #-------- load sql.mod for mysql authoritative --------#
- #--------- load qudes.mod for Quota limit --------#
- QuotaDirectoryTally on
- QuotaDisplayUnits "Mb"
- QuotaEngine on
- #QuotaLog /var/log/proftpd.quota.log
- QuotaShowQuotas on
- SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, \
- bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits \
- WHERE name = '%{0}' AND quota_type = '%{1}'"
- SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, \
- bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies \
- WHERE name = '%{0}' AND quota_type = '%{1}'"
- SQLNamedQuery update-quota-tally UPDATE "bytes_in_usedbytes_in_used = bytes_in_used + %{0}, \
- bytes_out_usedbytes_out_used = bytes_out_used + %{1}, bytes_xfer_usedbytes_xfer_used = bytes_xfer_used + %{2}, \
- files_in_usedfiles_in_used = files_in_used + %{3}, files_out_usedfiles_out_used = files_out_used + %{4}, \
- files_xfer_usedfiles_xfer_used = files_xfer_used + %{5} \
- WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
- SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
- QuotaLimitTable sql:/get-quota-limit
- QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
- #--------- load qudes.mod for Quota limit --------#
- # Logging options
- # Debug Level
- # emerg, alert, crit (empfohlen), error, warn. notice, info, debug
- #
- SyslogLevel emerg
- SystemLog /var/log/proftpd.system.log
- TransferLog /var/log/proftpd.xferlog
- # Some logging formats
- #
- LogFormat default "%h %l %u %t \"%r\" %s %b"
- LogFormat auth "%v [%P] %h %t \"%r\" %s"
- LogFormat write "%h %l %u %t \"%r\" %s %b"
- # Log file/dir access
- # ExtendedLog /var/log/proftpd.access_log WRITE,READ write
- # Record all logins
- ExtendedLog /var/log/proftpd.auth_log AUTH auth
- # Paranoia logging level....
- ExtendedLog /var/log/proftpd.paranoid_log ALL default
- #注;上面几行是存放log的设置,不必改动也行;查看log就到上面相应的文件看吧;
- # To prevent DoS attacks, set the maximum number of child processes
- # to 30. If you need to allow more than 30 concurrent connections
- # at once, simply increase this value. Note that this ONLY works
- # in standalone mode, in inetd mode you should use an inetd server
- # that allows you to limit maximum number of processes per service
- # (such as xinetd).
- MaxInstances 30 #注最多30个ip同时登录使用ftp;
- # Maximum clients with message
- #MaxClients 2 "Sorry, max %m users -- try again later"
- MaxClientsPerHost 2 "Sorry, only 2 session for one host"
- #注每个ip,只能两个线程程,请自己调整;
- # Normally, we want files to be overwriteable.
- AllowOverwrite on
- RootLogin off
- RequireValidShell off
- # alphanumeric characters for uploads (and not shell code...)
- #PathAllowFilter "^[a-zA-Z0-9_.-]()'+$"
- #PathAllowFilter "^[a-zA-Z0-9 _.-]()'+$"
- # We don't want .ftpaccess or .htaccess files to be uploaded
- #PathDenyFilter "(\.ftp)|(\.ht)[a-z]+$"
- #pathDenyFilter "\.ftp[a-z]+$"
- # Do not allow to pass printf-Formats (security! see documentation!):
- #AllowFilter "^[a-zA-Z0-9@~ /,_.-]*$"
- #DenyFilter "%"
【编辑推荐】
