CentOS安装ProFTPd服务和ProFTPd服务器的管理(3)
ProFTPD的配置文件proftpd.conf
在我们这个例子中,ProFTPD的配置文件在/usr/local/proftpd/etc目录中,就是proftpd.conf文件;您可以把它改名备份;
[root@localhost ~]# cd /usr/local/proftpd/etc/
[root@localhost etc]# mv proftpd.conf proftpd.confBAK
然后再新建一个 proftpd.conf 文件,内容如下;您可以根据需要对这个文件进行调整;其中以#号开头的部分是被注释掉的,不会生效;请特别注意MySQL数据库连接部分;另外,如果您没有把ProFTPD安装在/usr/local/proftpd目录下,文件中的相关路径也需要相应调整;
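# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use). It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
# NOTE(review): no <Anonymous> section is visible in this listing, so the
# "anonymous login" wording above looks inherited from the stock sample file.

# Name of your FTP server; choose your own. Author notes are kept on their
# own lines so they cannot be read as directive arguments.
ServerName "My TestFTP"
ServerType standalone
# Administrator mailbox; fill in your own.
ServerAdmin xxxxx@xxxxxxxxxxx.com
DefaultServer On

# Display message
DisplayLogin /usr/local/proftpd/etc/ftplogin.msg
#DisplayConnect /net/messages/ftp.pre
#DisplayFirstChdir index.txt

# Port 21 is the standard FTP port.
# Plain FTP carries user names, passwords and file contents unencrypted;
# on any network you do not fully control, add FTPS (mod_tls) on top of
# this configuration.
Port 21

# Limit users to login by username
# NOTE(review): the listing shows a bare AllowAll; it is wrapped in
# <Limit LOGIN> here on the assumption that the enclosing tags were lost
# when the page was published -- confirm against the original file.
<Limit LOGIN>
  AllowAll
</Limit>

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask 022

# Limit login attempts
MaxLoginAttempts 5

# Set the maximum number of seconds a data connection is allowed
# to "stall" before being aborted.
TimeoutStalled 600
# 900 seconds is a long window for a connection that has not logged in
# yet; lower it if slow logins are not expected.
TimeoutLogin 900
TimeoutIdle 600
TimeoutNoTransfer 600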
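# Set the user and group under which the server will run.
User nobody
Group nobody

# Jail (chroot) every FTP user into their home directory. The stock
# comment says "uncomment this line"; in this listing the directive is
# already active.
DefaultRoot ~

# Do not require users to have a valid shell (one listed in /etc/shells).
# The accounts in this file come from the SQL user table, not from
# system logins.
RequireValidShell off

# Performance: skip DNS resolution when we process the logs...
UseReverseDNS off

# Turn off Ident lookups
IdentLookups off

# Restart session support: clients may resume interrupted uploads
# (AllowStoreRestart) and downloads (AllowRetrieveRestart).
AllowStoreRestart on
AllowRetrieveRestart on

#-------- load sql.mod for mysql authoritative --------#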
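# MySQL connection: <database>@<host> <db user> <db password>. Adjust this
# line to your own server. "123456" is the tutorial's sample value: give
# the database account a strong, unique password, grant it access to the
# FTP tables only, and restrict read access to this file, because the
# password is stored here in clear.
SQLConnectInfo proftpd@localhost proftpd 123456

# SECURITY: Plaintext means the passwd column holds unhashed passwords,
# so anyone who can read the table, a dump or a backup obtains every FTP
# password. It is kept here because the rest of the tutorial presumably
# stores passwords that way; for real use, store hashes and switch to a
# hashed type that mod_sql supports (for example Crypt or OpenSSL).
SQLAuthTypes Plaintext

# Table and column names used for user and group lookups.
SQLUserInfo ftpusers userid passwd uid gid homedir shell
SQLGroupInfo ftpgroups groupname gid members
SQLAuthenticate users groups
SQLNegativeCache on
# NOTE(review): later ProFTPD releases replace SQLHomedirOnDemand with
# CreateHome -- check the documentation for the version you install.
SQLHomedirOnDemand on
SQLLogFile /var/log/proftpd.sql.log

# Per-user login counter and last-login timestamp. %u is the login name
# and %h the client host, as substituted by mod_sql.
SQLNamedQuery getcount SELECT "count from ftpusers where userid='%u'"
SQLNamedQuery getlastlogin SELECT "lastlogin from ftpusers where userid='%u'"
SQLNamedQuery updatelogininfo UPDATE "count=count+1,host='%h',lastlogin=current_timestamp() WHERE userid='%u'" ftpusers

# Show the counters in the 230 reply to PASS, then update them.
SQLShowInfo PASS "230" "You've logged on %{getcount} times, last login at %{getlastlogin}"
SQLLog PASS updatelogininfo
#-------- load sql.mod for mysql authoritative --------#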
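#--------- load qudes.mod for Quota limit --------#
QuotaDirectoryTally on
QuotaDisplayUnits "Mb"
QuotaEngine on
#QuotaLog /var/log/proftpd.quota.log
QuotaShowQuotas on

# Named queries that read the limit and tally rows and update the tally.
# Each query is one logical line; the trailing backslashes continue it.
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, \
    bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits \
    WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, \
    files_in_used, files_out_used, files_xfer_used FROM quotatallies \
    WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, \
    bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, \
    files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, \
    files_xfer_used = files_xfer_used + %{5} \
    WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
# NOTE(review): %{0} and %{1} are left unquoted here exactly as in the
# listing, although the queries above quote name and quota_type; verify
# against the mod_quotatab_sql documentation before use.
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies

# The listing repeated the next two directives; one copy is enough.
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
#--------- load qudes.mod for Quota limit --------#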
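# Logging options
# Debug Level
# emerg, alert, crit (recommended), error, warn, notice, info, debug
#
# NOTE(review): the comment above recommends crit, but the value below is
# emerg, the least verbose level, so almost nothing reaches the system
# log. If that log is meant to be used when investigating incidents,
# consider a more verbose level.
SyslogLevel emerg
SystemLog /var/log/proftpd.system.log
TransferLog /var/log/proftpd.xferlog

# Some logging formats
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"

# Log file/dir access
# ExtendedLog /var/log/proftpd.access_log WRITE,READ write

# Record all logins
ExtendedLog /var/log/proftpd.auth_log AUTH auth

# Paranoia logging level....
ExtendedLog /var/log/proftpd.paranoid_log ALL default

# Author's note: the lines above only set where the logs are stored and
# can be left unchanged; read the files named above to inspect the logs.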
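# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
# Author's note: "at most 30 IPs may be logged in at once". As the comment
# above says, the limit counts child processes, not distinct client
# addresses.
MaxInstances 30

# Maximum clients with message
#MaxClients 2 "Sorry, max %m users -- try again later"
# Author's note: each client host gets at most two simultaneous sessions;
# adjust to your needs.
MaxClientsPerHost 2 "Sorry, only 2 session for one host"

# Normally, we want files to be overwriteable.
AllowOverwrite on

# Refuse FTP logins as root.
RootLogin off
# Already set to off earlier in this file; repeated here as in the listing.
RequireValidShell off

# Allow only alphanumeric characters for uploads (and not shell code...)
# NOTE(review): the "()'" before "+" in the two patterns below looks out
# of place; test the regular expression before enabling either line.
#PathAllowFilter "^[a-zA-Z0-9_.-]()'+$"
#PathAllowFilter "^[a-zA-Z0-9 _.-]()'+$"

# We don't want .ftpaccess or .htaccess files to be uploaded
#PathDenyFilter "(\.ftp)|(\.ht)[a-z]+$"
#pathDenyFilter "\.ftp[a-z]+$"

# Do not allow to pass printf-Formats (security! see documentation!):
#AllowFilter "^[a-zA-Z0-9@~ /,_.-]*$"
#DenyFilter "%"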