Chinese PureFTPd configuration file and startup script

Source: Internet
Author: User
The Chinese PureFTPd configuration file and startup script-Linux Enterprise Application-Linux server application information. The following is a detailed description. [Guide] explanation of the PureFTP configuration file in Chinese.



######################################## ####################

##

# Configuration file for pure-ftpd wrappers #

##

######################################## ####################

# If you want to use the configuration file instead of the command line option to run Pure-FTPd, run the following command:

#

#/Usr/local/pureftpd/sbin/pure-config.pl/usr/local/pureftpd/etc/pure-ftpd.conf

#

# By default, RPM uses another configuration file:

#/Etc/sysconfig/pure-ftpd

#

# Please do not forget to browse the http://www.pureftpd.org/documentation.html

# Document to view the list of all options.

# Restrict all users in their home directories

ChrootEveryone yes

# If the previous command is set to "no", the following group members (GID) are not restricted by the main directory. Other users

# It will be restricted to its own home directory. If you don't want to restrict any users to your home directory, just comment out ChrootEveryone.

# And TrustedGID.

# TrustedGID 100

# Compatible with non-formal ftp clients such as ie

BrokenClientsCompatibility no

# Maximum number of users allowed to connect simultaneously on the server

MaxClientsNumber 50

# Running as a daemon process (Fork in background)

Daemonize yes

# Number of users simultaneously connected to the same IP address (Maximum number of sim clients with the same IP address)

MaxClientsPerIP 8

# If you want to record all customer commands, set this command to "yes ".

# This directive can be duplicated to also log server responses.

VerboseLog no

# Even if the client does not send the '-a' option, the hidden files (dot-files) are listed.

DisplayDotFiles yes

# Users cannot be authenticated-only as a public anonymous FTP.

AnonymousOnly no

# Anonymous connections are not allowed. Only Authenticated Users are allowed to use them.

NoAnonymous no

# Syslog facility (auth, authpriv, daemon, ftp, security, user, local *)

# Default function (facility is "ftp ". "None" will disable logs.

SyslogFacility ftp

# Display fortune cookies)

# FortunesFile/usr/share/fortune/zippy

# Do not parse the host name in the log file. If the log is not so detailed, it uses less bandwidth. In a large volume of traffic

# In the site, set this command to "yes", if you do not have a working DNS.

DontResolve yes

# Maximum idle time allowed by the client (in minutes, 15 minutes by default)

MaxIdleTime 15

# LDAP configuration file (refer to README. LDAP)

# LDAPConfigFile/etc/pureftpd-ldap.conf

# MySQL configuration file (refer to README. MySQL)

# MySQLConfigFile/etc/pureftpd-mysql.conf

# Postgres configuration file (refer to README. PGSQL)

# PGSQLConfigFile/etc/pureftpd-pgsql.conf

# PureDB user database (refer to README. Virtual-Users)

# PureDB/etc/pureftpd. pdb

# Pure-authd socket path (refer to README. Authentication-Modules)

# ExtAuth/var/run/ftpd. sock

# If you want to enable the PAM Authentication Method, remove the comments in the following line.

# PAMAuthentication yes

# If you want to enable simple Unix system authentication (/etc/passwd), remove the following line of comment.

# UnixAuthentication yes

# Note: LDAPConfigFile, MySQLConfigFile, PAMAuthentication, and

# UnixAuthentication commands can only be used once. However, they can be used together. For example, if you use

# MySQLConfigFile and UnixAuthentication, the SQL server will be accessed. If the user name is not found

# If SQL authentication fails, another authentication will be attempted in/etc/passwd and/etc/shadow.

# If SQL authentication fails due to a wrong password, authentication will end here. Authentication methods are chained by the order they are given

# Connect.

# 'LS' command recursion restrictions. The first parameter indicates the maximum number of files displayed. The second parameter specifies the maximum subdirectory depth.

LimitRecursion 2000 8

# Can anonymous users create new directories?

AnonymousCanCreateDirs no

# If the system is loaded more than the following value, anonymous users are prohibited from downloading.

MaxLoad 4

# Port range of the passive connection response. -For firewalling.

# PassivePortRange 30000 50000

# Force a passive response (PASV/EPSV/SPSV replies) to an IP address ). -For NAT.

# Symbolic host names are also accepted for always ways with dynamic IP

# Addresses.

# ForcePassiveIP 192.168.0.1

# Upload/download ratio of anonymous users.

# AnonymousRatio 1 10

# The upload/download ratio of all users.

# This directive superscedes the previous one.

# UserRatio 1 10

# Do not download files whose owner is "ftp. For example, files uploaded by anonymous users that are not verified by the local administrator.

AntiWarez yes

# The IP address and port of the Service listener. (All IP addresses and port 21 by default)

# Bind 127.0.0.1, 21

# Maximum bandwidth of anonymous users (KB/s ).

# AnonymousBandwidth 8

# Maximum bandwidth of all users (KB/s), including anonymous users.

# Use AnonymousBandwidth * or * UserBandwidth, both makes no sense.

# UserBandwidth 8

# Create the attribute mask value for the Directory and file. <文件掩码> : <目录掩码> .

#177: 077 if you feel paranoid.

Umask 133: 022

# The ID (UID) of the group to which the authenticated user is allowed to log on ).

Min uid 100

# Only Authenticated Users are allowed for FXP transmission.

AllowUserFXP yes

# Anonymous users and non-Anonymous Users are allowed to perform anonymous FXP transmission.

AllowAnonymousFXP no

# You cannot delete or write vertex files (files whose names start with '.'), even if the user is the file owner.

# If the TrustedGID command is enabled, users in the file group can access the dot-files ).

ProhibitDotFilesWrite no

# Prohibit reading vertex files (files whose names start with '.') (. history,. ssh ...)

ProhibitDotFilesRead no

# Never overwrite the file. When the uploaded file name already exists, it is automatically renamed, such as: file.1, file.2, file.3 ,...

AutoRename no

# Anonymous users are not allowed to upload new files (no = upload is allowed)

AnonymousCantUpload no

# Only allow non-Anonymous user connections from the following IP addresses. You can use this command to open several public IP addresses to provide anonymous FTP,

# Keep a private IP address protected by the firewall for remote management. You can also allow only one Intranet address for authentication.

# A pure anonymous FTP service is provided on an IP address.

# TrustedIP 10.1.1.1

# If you want to add a PID for each line of the log, remove the comment of the following line.

# LogPID yes

# Create an additional log file in Apache format, such:

# Fw.c9x.org-jedi [13/Dec/1975: 19: 36: 39] "GET/ftp/linux.tar.bz2" 200 21809338

# This log file can be processed by the www traffic analyzer.

# AltLog clf:/var/log/pureftpd. log

# Create an additional log file for the statistical report in an optimized format.

# AltLog stats:/var/log/pureftpd. log

# Create an additional log file in the standard W3C format. (Compatible with most commercial log analyzer)

# AltLog w3c:/var/log/pureftpd. log

# Do not accept the CHMOD command. Users cannot change the attributes of their files.

# NoChmod yes

# Allow users to restore and upload files, but not delete them.

# KeepAllFiles yes

# If the user's main directory does not exist, it is automatically created.

# CreateHomeDir yes

# Enable the virtual disk quota. The first number is the maximum number of files.

# The second number is the maximum total file size (unit: Mb ).

# Therefore, each user can only use 1000 files at, a total of 10 Mb.

# Quota 1000:10

# If your pure-ftpd is added with standalone support during compilation, you can change the pid File

. The default location is/var/run/pure-ftpd.pid.

# PIDFile/var/run/pure-ftpd.pid

# If your pure-ftpd is added with pure-uploadscript support during compilation, this command will make pure-ftpd

# Send information about new uploads to/var/run/pure-ftpd.upload.pipe, so pure-uploadscript

# You can read and call a script to handle new uploads.

# CallUploadScript yes

# This option is useful for servers that allow anonymous uploads. When/var/ftp is in/var, You need to reserve a certain disk space.

# To protect log files. When the disk partition exceeds X %, new uploads are not accepted.

MaxDiskUsage 99

# If you don't want your users to rename the file, set it to yes '.

# NoRename yes

# Is 'customer proof': workund und (workaround) against common customer errors, similar to the error of 'chmod 0 public_html.

# It is a valid command, but it will lead to ignorant customers setting their own files and will make your technical support busy with stupid questions.

# If you are sure that all your users have basic Unix knowledge, this feature will be useless. However, if you are a host provider

.

CustomerProof yes

# Concurrency restrictions for each user. This command starts only after the -- with-peruserlimits compilation option is added.

# Function. (The release of most binary versions is an example)

# Format: <每一个用户最大允许的进程> : <最大的匿名用户进程>

# For example, indicates that the same authenticated user can have up to three simultaneously active processes. At the same time, you can only have up to 20 anonymous user processes.

# PerUserLimits :20






====================================== Start script ================ ======================================

#! /Bin/sh
#
# ScriptName:/etc/init. d/pureftpd
# Chkconfig:-60 50
# Description: pureftpd is a ftp daemon, which is the program \
# That answers incoming ftp service requests.
# Processname: pureftpd
#
# Author: cnscn
# Time:
#

# Tput func
FuncTput ()
{
Tput init
For args
Do
Case "$ args" in
Green_black)
Echo-e-n "\ 033 [; 32 m"
;;
Red_black)
Echo-e-n "\ 033 [; 31 m"
;;
Endtput)
Tput sgr0
Esac
Done
}

Case "$1" in
Start)
Ps aux | grep pure-ftp | grep-v grep>/dev/null 2> & 1
If [$? -Eq 0]
Then
Echo-n "Pureftpd has already been running ..."
FuncTput red_black
Echo "[failed]"
FuncTput endtput
Exit 1
Fi
Echo-n "start pureftpd ...."
/Usr/local/sbin/pure-config.pl/usr/local/etc/pure-ftpd.conf>/dev/null 2> & 1
If [$? -Eq 0]; then
FuncTput green_black
Echo "[OK]"
FuncTput endtput
Else
FuncTput red_black
Echo "[Failed]";
FuncTput endtput
Fi
;;
Stop)
Ps aux | grep pure-ftp | grep-v grep>/dev/null 2> & 1
If [$? -Eq 1]
Then
Echo-n "Pureftpd has not been runned now ..."
FuncTput red_black
Echo "[failed]"
FuncTput endtput
Exit 1
Fi
Echo-n "Stop pureftpd ..."
Killall pure-ftpd>/dev/null 2> & 1
If [$? -Eq 0]; then
FuncTput green_black
Echo "[OK]"
FuncTput endtput
Else
FuncTput red_black
Echo "[Failed]";
FuncTput endtput
Fi
;;
Restart)
Ps aux | grep pure-ftp | grep-v grep>/dev/null 2> & 1
If [$? -Eq 0]
Then
Echo-n "Stop pureftpd ..."
Killall pure-ftpd>/dev/null 2> & 1
If [$? -Eq 0]; then
FuncTput green_black
Echo "[OK]"
FuncTput endtput
Else
FuncTput red_black
Echo "[Failed]";
FuncTput endtput
Fi
Fi

Echo-n "start pureftpd ...."
/Usr/local/sbin/pure-config.pl/usr/local/etc/pure-ftpd.conf>/dev/null 2> & 1
If [$? -Eq 0]; then
FuncTput green_black
Echo "[OK]"
FuncTput endtput
Else
FuncTput red_black
Echo "[Failed]";
FuncTput endtput
Fi
;;
*)
Echo "Usage: 'basename $ 0' {start | stop | restart }"
;;
Esac
Exit 0


========================================================== ======================================
[Example]
Root@192.168.0.89 ~ $/Etc/rc. d/init. d/pureftpd stop
Stop pureftpd... [OK]

Root@192.168.0.89 ~ $/Etc/rc. d/init. d/pureftpd start
Start pureftpd... [OK]

Root@192.168.0.89 ~ $/Etc/rc. d/init. d/pureftpd restart
Stop pureftpd... [OK]
Start pureftpd... [OK]

Root@192.168.0.89 ~ $/Etc/rc. d/init. d/pureftpd start
Pureftpd has already been running... [failed]

Root@192.168.0.89 ~ $/Etc/rc. d/init. d/pureftpd stop
Stop pureftpd... [OK]

Root@192.168.0.89 ~ $/Etc/rc. d/init. d/pureftpd stop
Pureftpd has not been runned now... [failed]

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.