ZZ: Proftp learning notes

xiaoxiao2021-03-06  19

Proftp learning notes: complete configuration guide

Original address: http://www.5ilinux.com/blog/archives/000082.html

When reprinting, please credit the source and the author, and keep the text unchanged.

Proftp learning notes (1)

The company finally has a holiday these days, so I can finally spend some time on ProFTPD + MySQL + quota.

Before installing ProFTPD there is one job to do first. If you compiled MySQL yourself, you must first edit /etc/ld.so.conf; otherwise ProFTPD will fail with an error when you run it later.

vi /etc/ld.so.conf

Add the following line:

Code:

/usr/local/mysql/lib/mysql

Note that if your MySQL installation path is different, fill in the corresponding path; for installing MySQL, see "Linux Apache MySQL PHP Typical Configuration".

1. Download the software

Code:

wget ftp://ftp.proftpd.org/distrib/sourc...pd-1.2.9.tar.gz

This downloads ProFTPD's latest version, 1.2.9

Code:

wget http://www.castaglia.org/proftpd/mo...b-1.2.11.tar.gz

This is the module that provides disk quota limits for ProFTPD

2. Unpack and compile

Code:

tar zvxf proftpd-1.2.9.tar.gz
tar zvxf proftpd-mod-quotatab-1.2.11.tar.gz
cp mod_quotatab/*.c proftpd-1.2.9/contrib/
cp mod_quotatab/*.h proftpd-1.2.9/contrib/
vi proftpd-1.2.9/contrib/mod_sql_mysql.c

Find the #include line for mysql.h and change mysql.h to the path where it is located on your system, such as /usr/local/mysql/include/mysql/mysql.h

Compile:

Code:

./configure \
  --prefix=/usr/local/proftpd \
  --with-modules=mod_sql:mod_sql_mysql:mod_quotatab:mod_quotatab_sql \
  --with-includes=/usr/local/mysql/include/mysql \
  --with-libraries=/usr/local/mysql/lib/mysql
make
make install

OK, now we can start ProFTPD by simply running

Code:

/usr/local/proftpd/sbin/proftpd

Test with your FTP client; you should be able to log in normally, both anonymously and with a Linux username.

In fact, the default ProFTPD setup is more than enough for day-to-day server management. One thing still needs changing: the default ProFTPD configuration file does not support resuming interrupted FTP transfers, so we only need to

Code:

vi /usr/local/proftpd/etc/proftpd.conf

and add the following two lines

Code:

AllowRetrieveRestart on
AllowStoreRestart on

Restart ProFTPD and interrupted transfers can then be resumed normally.

Create a ProFTPD startup script

Just copy it from the ProFTPD source directory

Code:

cp proftpd-1.2.9/contrib/dist/rpm/proftpd.init.d /etc/rc.d/init.d/proftpd

Remember to edit the proftpd script; generally you only need to change it to the actual path of ProFTPD

Code:

chmod 755 /etc/rc.d/init.d/proftpd

OK

You can now use this script to start, stop and restart ProFTPD.

That's all for today; tomorrow I will cover some basic ProFTPD configuration :)

============================================================================================================================================================================================================= =====

Original address: http://www.5ilinux.com/blog/archives/000085.html

Proftp learning notes (2)

Last time we covered the basic installation of ProFTPD. Because we will need the MySQL and quota settings later, we compiled in the corresponding modules; if you don't need MySQL and disk quotas, you can leave them out when compiling.

Here is a very practical command:

Code:

/usr/local/proftpd/sbin/ftpshut

This command is quite practical, because you may need to adjust your server constantly, and it is very flexible: it lets you stop FTP connections without stopping the proftpd process. Its usage in detail:

Code:

ftpshut [-l min] [-d min] time [warning-message ...]

-l min: the number of minutes before the FTP service shuts down at which new FTP connections stop being accepted.

-d min: the number of minutes before the FTP service shuts down at which established FTP connections are disconnected.

time: when the server will shut down the FTP service; there are two formats:

+number: shut down after number minutes

HHMM: shut down today at HH:MM

Note that this command stops the FTP service while the actual proftpd process keeps running, which is why it is the usual choice when debugging an FTP server.

Example:

The FTP service will shut down after 30 minutes; new FTP connections are refused from 20 minutes before shutdown, established connections are disconnected 10 minutes before shutdown, and the client is shown "FTP Server Will Shutdown At Time".

Code:

ftpshut -l 20 -d 10 +30 "FTP Server Will Shutdown At Time"

In fact, ftpshut works by creating /etc/shutmsg; you only need to delete this file for FTP service to resume, or run directly

Code:

ftpshut -R

OK, now let me start on some of the basic configuration of ProFTPD. If you are familiar with configuring Apache, you will find that ProFTPD's settings are basically similar. The basic format of its configuration is

Code:

# Global settings
Setting1 parameter1
Setting2 parameter2

# Settings for a directory
...
...

# Settings for anonymous users
...
...
...
...

What we probably use most is Limit. Limit covers the following commands, which together cover basically all permissions; combine them flexibly.

Code:

CWD: Change Working Directory, permission to change directory
MKD: Make Directory, permission to create directories
RNFR: Rename From, permission to change directory names
DELE: Delete, permission to delete files
RMD: Remove Directory, permission to delete directories
RETR: Retrieve, permission to transfer files from the server to the client
STOR: Store, permission to transfer files from the client to the server
READ: read permission, excluding directory listing; covers RETR, STAT, etc.
WRITE: permission to write files or directories, including MKD and RMD
DIRS: whether directory listing is allowed; covers LIST, NLST, etc. Quite practical
ALL: all permissions
LOGIN: whether login is allowed

Limits like the ones above can be applied to the following scopes

Code:

AllowUser: Limit that allows a given user
DenyUser: Limit that denies a given user
AllowGroup: Limit that allows a given user group
DenyGroup: Limit that denies a given user group
AllowAll: Limit that allows all users
DenyAll: Limit that denies all users

The parameter for limiting the transfer rate is:

Code:

TransferRate STOR|RETR rate(KBytes/s) user username

Below we explain ProFTPD configuration with an example, which may be easier to follow.

1. The FTP server supports resuming transfers, allows at most 10 users online at once, and allows only one connection per IP;

2. Users in the ftpusers group may access only their own directory, and cannot access parent or other directories;

3. The FTP server version information is not displayed when a user logs in, to improve security;

4. Create an FTP account kaoyan belonging to the ftpusers group; the kaoyan user may only download and has no write permission. The download rate is limited to 50 KBytes/s.

5. Create a user upload, also in the ftpusers group, with the same home directory as the kaoyan user; the upload user may upload files and create directories, but may not download, and may not delete directories or files. The upload rate is limited to 100 KBytes/s.

First, add the users and the group and set the directory permissions

Code:

groupadd ftpusers
useradd -d /home/kaoyan -g ftpusers -s /bin/false kaoyan
useradd -d /home/kaoyan -g ftpusers -s /bin/false upload
# group ownership goes to ftpusers, the group both accounts belong to
chown -R kaoyan:ftpusers /home/kaoyan
chmod -R 775 /home/kaoyan

If you want only users in the ftpusers group to have access, the mode can be set to 770.

Edit /usr/local/proftpd/etc/proftpd.conf

Note: # marks a comment, which has no effect on the settings and can be left out

Code:

ServerName "Frank's FTP Server"
ServerType standalone
DefaultServer on
Port 21
Umask 022
# Up to 30 proftpd processes
MaxInstances 30
User nobody
Group nobody
TimeoutStalled 10
# Up to 10 users online at once
MaxClients 10
MaxClientsPerHost 1 "Sorry, only one connection is allowed per IP"
# Allow resuming uploads; resuming downloads is supported by default and needs no setting
AllowStoreRestart on
# Welcome message file
DisplayLogin welcome.msg
# Hide the server version information
ServerIdent off
# Users in the ftpusers group can only access their own directory
DefaultRoot ~ ftpusers
AllowOverwrite on
# kaoyan is not allowed to write
<Limit WRITE>
DenyUser kaoyan
</Limit>
# upload is not allowed to delete, rename or download
<Limit RMD RNFR DELE RETR>
DenyUser upload
</Limit>
TransferRate RETR 50 user kaoyan
TransferRate STOR 100 user upload

What I implemented here can also be done with

Code:

...

...

<>

...

...

This is also more flexible. Which way to use is up to you; I am only showing you the way in.

OK, that's all for today; tomorrow I will continue with other ProFTPD configuration.

============================================================================================================================================================================================================= ==============

Original address: http://www.5ilinux.com/blog/archives/000088.html

Proftp learning notes (3)

After the previous two notes, I think everyone has some understanding of ProFTPD. Isn't it almost the same as configuring Apache? If you have configured a Serv-U server before, then once you look at ProFTPD's configuration rules you should be able to set up a powerful ProFTPD server right away.

Here we cover some of ProFTPD's other configuration parameters:

MaxHostsPerUser 1 "Sorry, each account is allowed only 1 source IP"

# MaxHostsPerUser limits how many source hosts one account can be logged in from at a time, which is useful for protecting FTP accounts.

MaxClientsPerUser 1 "Sorry, each account can log in only once at a time"

# This parameter stops multithreaded download software from hammering the server.

MaxClientsPerHost 1 "Sorry, the same client can log in with only one account"

# For example, the FTP server has many accounts, but one client host can log in with only one of them at a time.

These three Max parameters are rather easy to mix up, so make sure you work out what each one means :)
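To tell the three Max parameters apart, the following added example (not part of the original notes and not ProFTPD code) replays a constructed sequence of logins against a simplified model of each limit. The model, the order of the checks, and the sample accounts and addresses are assumptions of the example.

```python
import math
from collections import namedtuple

# One field per directive; math.inf means "directive not set".
Limits = namedtuple("Limits", "hosts_per_user clients_per_user clients_per_host")

def admit(sessions, user, host, limits):
    """Return None if the login is accepted, else the directive that refuses it.

    sessions is the list of (user, host) pairs currently logged in.
    Simplified model: the order of the checks is an assumption of this example.
    """
    from_host = [s for s in sessions if s[1] == host]
    as_user = [s for s in sessions if s[0] == user]
    user_hosts = {h for _, h in as_user}
    # MaxClientsPerHost counts sessions from one client address, whatever the account.
    if len(from_host) >= limits.clients_per_host:
        return "MaxClientsPerHost"
    # MaxClientsPerUser counts sessions of one account, whatever the address.
    if len(as_user) >= limits.clients_per_user:
        return "MaxClientsPerUser"
    # MaxHostsPerUser counts the distinct addresses one account is logged in from.
    if host not in user_hosts and len(user_hosts) >= limits.hosts_per_user:
        return "MaxHostsPerUser"
    return None

def replay(attempts, limits):
    """Apply the limits to successive login attempts; nobody logs out in between."""
    sessions, verdicts = [], []
    for user, host in attempts:
        verdict = admit(sessions, user, host, limits)
        if verdict is None:
            sessions.append((user, host))
        verdicts.append(verdict)
    return verdicts

# Constructed sample: accounts and addresses are made up for the illustration.
ATTEMPTS = [
    ("alice", "10.0.0.1"),  # first login
    ("alice", "10.0.0.1"),  # second connection from the same machine
    ("alice", "10.0.0.2"),  # same account used from another machine
    ("bob", "10.0.0.1"),    # another account from the first machine
]

if __name__ == "__main__":
    inf = math.inf
    for label, limits in [
        ("MaxHostsPerUser 1", Limits(1, inf, inf)),
        ("MaxClientsPerUser 1", Limits(inf, 1, inf)),
        ("MaxClientsPerHost 1", Limits(inf, inf, 1)),
    ]:
        print(label)
        for (user, host), verdict in zip(ATTEMPTS, replay(ATTEMPTS, limits)):
            print(f"  {user:5} from {host}: {'refused' if verdict else 'accepted'}")
```

With the same four attempts, each directive refuses a different subset: MaxHostsPerUser only the login from the second machine, MaxClientsPerUser every additional session of the account, MaxClientsPerHost every additional session from the first machine.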

WtmpLog on

# Whether FTP logins are recorded in the wtmp log; set it to off if you do not want them logged.

TimeoutIdle 600

# Client idle timeout; the default is 600 seconds

DisplayLogin welcome.msg

# Sets the FTP login welcome message file

The welcome file can use the following variables

Code:

%T current time
%F free space left on the hard disk
%C current directory
%R client host name
%L server host name
%U user account name
%M maximum number of connections
%N current number of connections to the server
%E FTP server administrator's email
%i number of files uploaded this session
%o number of files downloaded this session
%t number of files uploaded and downloaded this session

Knowing these variables, we can write a friendly welcome message

vi /home/kaoyan/welcome.msg

Code:

Welcome, %U. This is Frank's test FTP server;
The current time is: %T;
This server allows at most %M user connections;
There are currently %N user connections on the server;
Your current directory is %C;
The hard disk holding this directory has %F bytes free.

Make ProFTPD support the now-popular FXP transfer mode, which is not supported by default.

Just set the following on the server

Code:

AllowForeignAddress on
# you can also choose the port range yourself
PassivePorts 49152 65534

Don't forget to enable FXP in the client as well. I tried several times and kept thinking the server was not set up properly, when in fact it was the client that was not set up, heh.

How to let root log in: by default ProFTPD does not allow root to log in. We can configure it so that root can log in to FTP as well, but I still recommend that you do not let root log in to FTP. The setting is as follows

Code:

RootLogin on

How to ban an address from accessing FTP

For example, to deny the 10.1.1 network segment access to FTP, you can set

Code:

<Limit LOGIN>
Order deny,allow
Deny from 10.1.1.
Allow from all
</Limit>

Setting up virtual FTP servers: generally used when an FTP server has many IP addresses, or serves FTP on different ports. The basic syntax is:

For example, to set up an FTP server on port 5555:

Code:

ServerName "Frank FTP Server"

Port 5555

...

...

...

...

As for the other settings inside a virtual host, they are basically the same as what I covered earlier.

Upload/download ratio settings: friends who have used Serv-U will know this feature; let's make ProFTPD implement it too.

To get this feature, make sure to add the ratio module when compiling, since it is not supported by default. Suppose an account ftp1 has its FTP directory in /home/kaoyan, and we want to set ftp1's upload/download ratio to 1:2 (that is, upload 1M and you can download 2M).

Code:

touch /home/kaoyan/ratio.dat
touch /home/kaoyan/ratio.tmp
# only the two ratio files need mode 666; applied recursively to the directory it would clear its execute bit
chmod 666 /home/kaoyan/ratio.dat /home/kaoyan/ratio.tmp

Set the following in proftpd.conf

Code:

Ratios on
SaveRatios on
RatioFile /home/kaoyan/ratio.dat
RatioTempFile /home/kaoyan/ratio.tmp

Add the following to the corresponding section

Code:

UserRatio ftp1 0 0 2 1000
# UserRatio "user account" fileratio filequota byteratio bytequota
# fileratio: ratio based on the number of files; usually not limited, so 0
# filequota: how many files can be downloaded up front; 0 means not limited
# byteratio: the upload/download ratio; 2 means 1:2
# bytequota: how many KBytes can be downloaded up front
# The setting above is a 1:2 ratio, with 1M available for download to begin with

OK, restart, and the upload/download ratio will be in effect for ftp1.

============================================================================================================================================================================================================= =============

Original address: http://www.5ilinux.com/blog/archives/000091.html

Proftp learning notes (4)

Today we cover using ProFTPD + MySQL + quota together, which I think is what everyone is after.

1. First we create the corresponding user and group

Code:

groupadd -g 5500 ftpgroup
adduser -u 5500 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser

2. Operating the database

Code:

mysql mysql -uroot -ppassword

create database ftpdb;
-- insert is included because the insert-quota-tally query in proftpd.conf adds rows to ftpquotatallies
grant select, insert, update on ftpdb.* to proftpd@localhost identified by 'password';
use ftpdb;

CREATE TABLE `ftpgroup` (
  `groupname` varchar(16) NOT NULL default '',
  `gid` smallint(6) NOT NULL default '5500',
  `members` varchar(16) NOT NULL default '',
  KEY `groupname` (`groupname`)
) TYPE=MyISAM COMMENT='proftp group table';

INSERT INTO `ftpgroup` VALUES ('ftpgroup', 5500, 'ftpuser');

CREATE TABLE `ftpquotalimits` (
  `name` varchar(30) default NULL,
  `quota_type` enum('user','group','class','all') NOT NULL default 'user',
  `per_session` enum('false','true') NOT NULL default 'false',
  `limit_type` enum('soft','hard') NOT NULL default 'soft',
  `bytes_in_avail` float NOT NULL default '0',
  `bytes_out_avail` float NOT NULL default '0',
  `bytes_xfer_avail` float NOT NULL default '0',
  `files_in_avail` int(10) unsigned NOT NULL default '0',
  `files_out_avail` int(10) unsigned NOT NULL default '0',
  `files_xfer_avail` int(10) unsigned NOT NULL default '0'
) TYPE=MyISAM;

CREATE TABLE `ftpquotatallies` (
  `name` varchar(30) NOT NULL default '',
  `quota_type` enum('user','group','class','all') NOT NULL default 'user',
  `bytes_in_used` float NOT NULL default '0',
  `bytes_out_used` float NOT NULL default '0',
  `bytes_xfer_used` float NOT NULL default '0',
  `files_in_used` int(10) unsigned NOT NULL default '0',
  `files_out_used` int(10) unsigned NOT NULL default '0',
  `files_xfer_used` int(10) unsigned NOT NULL default '0'
) TYPE=MyISAM;

CREATE TABLE `ftpuser` (
  `id` int(10) unsigned NOT NULL auto_increment,
  `userid` varchar(32) NOT NULL default '',
  `passwd` varchar(32) NOT NULL default '',
  `uid` smallint(6) NOT NULL default '5500',
  `gid` smallint(6) NOT NULL default '5500',
  `homedir` varchar(255) NOT NULL default '',
  `shell` varchar(16) NOT NULL default '/sbin/nologin',
  `count` int(11) NOT NULL default '0',
  `accessed` datetime NOT NULL default '0000-00-00 00:00:00',
  `modified` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY (`id`)
) TYPE=MyISAM COMMENT='proftp user table';

Note: fill in your own database's username and password according to your actual situation. If you are not familiar with databases, you can use phpMyAdmin to do this.

3. Configure the Proftp file

Code:

ServerName "Frank's FTP Server"
ServerType standalone
DefaultServer on
Port 21
Umask 022
MaxInstances 30
MaxLoginAttempts 3
User nobody
Group nobody
MaxHostsPerUser 1 "Sorry, you may not connect more than one time."
MaxClientsPerUser 2 "Only one such user at a time."
MaxClientsPerHost 3 "Sorry, you may not connect more than one time."
RootLogin off
RequireValidShell off
TimeoutStalled 10
MaxClients 10
AllowForeignAddress on
AllowStoreRestart on
ServerIdent off
DefaultRoot ~ ftpgroup
SQLAuthTypes Backend Plaintext
# Backend: authenticate with the MySQL database's own password method
# Plaintext: clear-text password authentication; the method listed first is tried first
SQLAuthenticate users* groups*
# databasename@host database_user user_password
SQLConnectInfo ftpdb@localhost proftpd password
SQLUserInfo ftpuser userid passwd uid gid homedir shell
SQLGroupInfo ftpgroup groupname gid members
SQLHomedirOnDemand on
# If the user's home directory does not exist, it is created from the value stored for this user in the user table.
# Update count every time user logs in
SQLLog PASS updatecount
SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser
# Update modified every time user uploads or deletes a file
SQLLog STOR,DELE modified
SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser
QuotaEngine on
QuotaDirectoryTally on
QuotaDisplayUnits Mb
QuotaShowQuotas on
QuotaLog "/var/log/quota"
SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally

OK, it's that simple. Restart the ProFTPD service and you can use the ProFTPD + MySQL + quota functionality. We can add a virtual user to the ftpuser table in the database,

Code:

INSERT INTO `ftpuser` (`id`, `userid`, `passwd`, `uid`, `gid`, `homedir`, `shell`) VALUES (1, 'test', 'ftppasswd', 5500, 5500, '/home/test', '/sbin/nologin');

You can also add a user directly in phpMyAdmin; I trust I don't need to teach you how.

If you want to set a quota, just set it in the ftpquotalimits table. The fields in this table mean:

Code:

ftpquotalimits table
name: - user account
quota_type: - user, group, class, all (we use user)
per_session: - true or false (we use true)
limit_type: - hard limit or soft limit (we generally use the hard limit)
bytes_in_avail: - number of bytes allowed to be uploaded
bytes_out_avail: - number of bytes allowed to be downloaded
bytes_xfer_avail: - number of bytes allowed to be transferred (upload and download combined)
files_in_avail: - number of files allowed to be uploaded
files_out_avail: - number of files allowed to be downloaded
files_xfer_avail: - number of files allowed to be transferred (upload and download combined)

Honestly, using the MySQL and quota modules to authenticate users and set disk limits works, but I always feel it is not perfect, because with this method there is no permissions field in the database tables, so the permissions of a given user are actually controlled through the UID and GID that the user's MySQL record maps to. It would be better if the MySQL database could control the permissions completely.
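Several settings in these notes trade security for convenience: RootLogin on and AllowForeignAddress on in part 3, SQLAuthTypes Plaintext and the database password in SQLConnectInfo in part 4. The following is an added example, not part of the original notes or of ProFTPD: a small review script that reports where such settings occur in a proftpd.conf. The rule table, the function name audit and the sample configuration (constructed, including the address 192.0.2.10) are assumptions of this example.

```python
import shlex

# directive (lower case) -> (test on the lower-cased arguments, why it matters).
# The rule set is an assumption of this example, limited to settings from these notes.
RULES = {
    "rootlogin": (lambda a: a[:1] == ["on"],
                  "root may log in over FTP, which sends passwords unencrypted"),
    "allowforeignaddress": (lambda a: a[:1] == ["on"],
                  "data connections to a third host are accepted (FXP needs this, "
                  "so does FTP bounce)"),
    "sqlauthtypes": (lambda a: "plaintext" in a,
                  "passwords in the SQL user table may be stored in clear text"),
    "sqlconnectinfo": (lambda a: len(a) >= 3,
                  "database password is written in proftpd.conf; restrict who can read it"),
}

def audit(conf_text):
    """Return (line number, directive, section, reason) for every rule that matches."""
    findings, sections = [], []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment
        if line.startswith("</"):
            if sections:
                sections.pop()            # leaving a <Section>
            continue
        if line.startswith("<"):
            sections.append(line.strip("<>").split()[0])
            continue
        try:
            words = shlex.split(line, comments=False)
        except ValueError:                # unbalanced quote: fall back to a plain split
            words = line.split()
        name, args = words[0].lower(), [w.lower() for w in words[1:]]
        rule = RULES.get(name)
        if rule and rule[0](args):
            findings.append((lineno, words[0], "/".join(sections) or "server", rule[1]))
    return findings

# Constructed sample modelled on the settings shown in parts 3 and 4.
SAMPLE = """\
ServerName "Frank's FTP Server"
# RootLogin on
RootLogin on
AllowForeignAddress on
ServerIdent off
SQLAuthTypes Backend Plaintext
SQLConnectInfo ftpdb@localhost proftpd password
<VirtualHost 192.0.2.10>
  Port 5555
  rootlogin ON
</VirtualHost>
"""

if __name__ == "__main__":
    for lineno, directive, section, reason in audit(SAMPLE):
        print(f"line {lineno} [{section}] {directive}: {reason}")
```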
