一个比较复杂的ProFTPD配置

0
Add Comment
Posted on by yaoge123

ProFTPD 1.3.2e的配置文件,1.3.3版本则需要进行一些修改,
ServerName                      “yaoge123 FTP Server”
ServerType                      standalone
DefaultServer                   on
ScoreboardFile                  /var/run/proftpd/proftpd.scoreboard
Port                            21
UseIPv6                         on
Umask                           022
MaxInstances                    100
MaxConnectionsPerHost           10
CommandBufferSize               512
UseReverseDNS                   off
IdentLookups                    off
ServerIdent                     on “Welcome to yaoge123 FTP Server”
User                            nobody
Group                           nogroup
DefaultRoot                     ~
AllowOverwrite                  off
requirevalidshell               off
AllowForeignAddress             on
AllowRetrieveRestart            on
DirFakeUser                     on yaoge123
DirFakeGroup                    on yaoge123
DirFakeMode                     0000
TimeoutLogin                    30
TimeoutIdle                     300
SystemLog                       /var/log/proftpd.log
TransferLog                     /var/log/xferlog
WtmpLog                         on

AdminControlsEngine             on
AdminControlsACLs               all allow user root

BanEngine                       on
BanControlsACLs                 all allow user root
BanOnEvent                      ClientConnectRate 10/00:01:00 01:00:00 “Stop connecting frequently”
BanTable                        /var/run/proftpd/ban.tab
BanLog                          /var/log/proftpd-ban.log
BanMessage                      “%a OR %u has been banned”

#AuthOrder mod_auth_file.c mod_sql.c mod_auth_unix.c
#AuthUserFile /usr/local/etc/proftpd/ftpd.passwd
#AuthGroupFile /usr/local/etc/proftpd/ftpd.group
AuthOrder mod_sql.c
SQLAuthenticate users
SQLAuthTypes crypt plaintext
SQLConnectInfo proftpd@localhost username password
SQLUserInfo users user password userid usergroupid homedir NULL
SQLLogFile /var/log/proftpd-sql.log

SQLLog PASS counter
SQLNamedQuery counter UPDATE “lastloginip=’%a’, lastlogin=now(), logincount=logincount+1 WHERE user=’%u'” users
SQLLog EXIT time_logout
SQLNamedQuery time_logout UPDATE “lastlogout=now() WHERE user=’%u'” users
SQLLog RETR,ERR_RETR download
SQLNamedQuery download UPDATE “downloadbytes=downloadbytes+%b, downloadfiles=downloadfiles+1 WHERE user=’%u'” users
SQLLog STOR,ERR_STOR,APPE,ERR_APPE,STOU,ERR_STOU upload
SQLNamedQuery upload UPDATE “uploadbytes=uploadbytes+%b, uploadfiles=uploadfiles+1 WHERE user=’%u'” users

SQLNamedQuery logincount SELECT “logincount from users where user=’%u'”
SQLNamedQuery lastlogin SELECT “lastlogin from users where user=’%u'”
SQLNamedQuery lastloginip SELECT “lastloginip from users where user=’%u'”
SQLNamedQuery downloadbytes SELECT “ROUND(downloadbytes/1048576) from users where user=’%u'”
SQLNamedQuery downloadfiles SELECT “downloadfiles from users where user=’%u'”
SQLNamedQuery uploadbytes SELECT “ROUND(uploadbytes/1048576) from users where user=’%u'”
SQLNamedQuery uploadfiles SELECT “uploadfiles from users where user=’%u'”
SQLShowInfo PASS “230” “You’ve logged on %{logincount} times”
SQLShowInfo PASS “230” “*** Last login at %{lastlogin}”
SQLShowInfo PASS “230” “*** Last login from %{lastloginip}”
SQLShowInfo PASS “230” “*** Downloaded %{downloadbytes} MB in %{downloadfiles} files”
SQLShowInfo PASS “230” “*** Uploaded %{uploadbytes} MB in %{uploadfiles} files”

<Limit SITE_CHMOD>
  DenyAll
</Limit>

<Directory />
  <Limit ALL>
    DenyAll
  </Limit>
  <Limit PROT>
    AllowAll
  </Limit>
</Directory>

TLSEngine on
TLSLog /var/log/proftpd-tls.log
TLSProtocol SSLv23
TLSRSACertificateFile /usr/local/etc/proftpd/ftpd.cert.pem
TLSRSACertificateKeyFile /usr/local/etc/proftpd/ftpd.key.pem
TLSCACertificateFile /usr/local/etc/proftpd/ftpdca.cert.pem
TLSVerifyClient off
TLSRenegotiate required off

<Anonymous /ftp/anonymous>
  User                          anonymous
  Group                         anonymous
  UserAlias                     guest anonymous
  MaxClients                    10
  MaxClientsPerHost             1
  TransferRate                  RETR 512

  <Limit LOGIN>
    Allow from 172.16.,172.20,172.21
    DenyAll
  </Limit>

  <Limit ALL>
    DenyAll
  </Limit>

  <Limit FEAT DIRS READ>
    AllowAll
  </Limit>
</Anonymous>

<IfUser OR friend1,friend2>
  <Directory /ftp/friend>
    <Limit FEAT DIRS READ>
      AllowAll
    </Limit>
  </Directory>
</IfUser>

<IfUser regex @yaoge123$>
  DisplayLogin .welcome.msg
  MaxHostsPerUser               1
  MaxClientsPerUser             3
  <Directory /ftp/yaoge123>
    HideFiles                  ^\.
    <Limit FEAT DIRS READ>
        AllowAll
    </Limit>
  </Directory>
</IfUser>

sql中的表
CREATE TABLE `users` (
`user` varchar(50) NOT NULL default ”,
`password` varchar(50) NOT NULL default ”,
`username` varchar(50) NOT NULL default ”,
`userid` int(10) unsigned NOT NULL default ‘10000’,
`usergroupid` int(10) unsigned NOT NULL default ‘10000’,
`lastloginip` varchar(22) NOT NULL default ”,
`logincount` int(16) unsigned NOT NULL default ‘0’,
`lastlogin` datetime NOT NULL default ‘0000-00-00 00:00:00’,
`lastlogout` datetime NOT NULL default ‘0000-00-00 00:00:00’,
`downloadbytes` bigint unsigned NOT NULL default ‘0’,
`downloadfiles` int unsigned NOT NULL default ‘0’,
`uploadbytes` bigint unsigned NOT NULL default ‘0’,
`uploadfiles` int unsigned NOT NULL default ‘0’,
`homedir` varchar(50) NOT NULL default ”,
`mark` varchar(10) NOT NULL default ”,
PRIMARY KEY (`userid`)
) ;

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据