Mysql authentication and quota, speed limit, and other configurations of pureftpd

For mysql authentication of pureftpd and configurations such as quota and speed limit-Linux general technology-Linux technology and application information, see the following for details. 1. Download related programs
Wget
Http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.21.tar.gz

Wget Http://machiel.generaal.net/files/pureftpd/ftp_v2.1.tar.gz


Ii. Compile and install pureftp
Tar zxvf pure-ftpd-1.0.21.tar.gz-C/usr/local/src/

Cd /Usr/local/src/pure-ftpd-1.0.21/

1 , Improvements before Compilation

(1) IE pop-up login interface
Vi src/ftpd. c

If (broken_client_compat! = 0 ){

Addreply (331, MSG_USER_ OK, username );

Return;

} Else {

//Die (530, LOG_DEBUG, MSG_NO_ANONYMOUS_LOGIN );// Comment out this line
Addreply (331, MSG_USER_ OK, account );// Change to this line
}

The above issues can be solved as follows:
Pure-ftpd is a very good ftp server, but when IE is used to directly enter the FTP directory, if the system does not provide anonymous logon, the IE login interface will not pop up, instead, the warning dialog box that does not provide anonymous logon is displayed. In this case, how can I enable IE to directly pop up the logon dialog box? By analyzing the conversation process between IE and pure-ftpd, we can find that the original simple change can be implemented.


(2) correctly display the disk quota
Vi./src/quotas. c

There is a statement in row 71st:
//* Bufpnt = 0;
This statement clears the second space used in the. ftpquota file in the root directory of the user to 0 and comment out the statement.
There is a statement in row 73rd:
Old_quota.size = quota-> size = strtoull (bufpnt + 1, NULL, 10 );

An error occurred while reading and passing the value to quota-> size. It should not be bufpnt + 1, Buf + 1, Or Bufpnt.
The above issues can be solved as follows:
The disadvantage of a PureFTPd is that although the disk quota has been used, the following situations may occur. After the connection, you can only view the limited number of files and the disk space used cannot be displayed normally.
Of course, the disk quota information is still not displayed during webpage upload, but can be normally displayed using the command line or FTP tool.

2 , Compilation and installation (the key point is to determine whether the new FTP User can be successfully managed through "User manager for PureFTP)
./Configure \ -- Prefix =/usr/local/pureftpd -- with-mysql =/usr/local/mysql \ -- With-mysql-lib =/usr/local/mysql/lib -- with-mysql-include =/usr/local/mysql/include \ -- With-pam -- with-puredb -- with-quotas -- with-throttling -- with-ratios \ -- With-uploadscript -- with-virtualhosts -- with-virtualchroot -- with-cookie \ -- With-welcomemsg -- with-paranoidmsg -- with-ftpwho -- with-diraliases \ -- Without-inetd -- sysconfdir =/usr/local/etc -- with-peruserlimits\

Make install-strip Note:
If you do not use -- with-peruserlimits, you cannot limit the number of connections for each user.
If not -- With-throttling The speed limit cannot be reached.
If you do not use -- with-quotas, the disk quota is no longer available.
-- With-language = simplified-chinese No. Otherwise, the server logs are garbled.-- With-altlog is unnecessary, but syslogd is used to process logs.


3. Generate dedicated users and passwords for the pureftp System
1 Generate dedicated users for the pureftp System

Groupadd -G 2001 ftpgroup
Useradd-u 2001-s/bin/false-d/bin/null-c "pureftpd user"-g ftpgroup ftpuser

Cp config-file/pure-config.pl/usr/local/sbin/

Chmod + X/usr/local/sbin/pure-config.pl
2 Create a dedicated user and password for the pureftp Database

/Usr/local/mysql/bin/mysql-u root ? Pmysqlpasswd


Mysql> Grant select, INSERT, UPDATE, DELETE, CREATE, drop on ftpusers. * TO 'pureftpd' @ 'localhost' identified by 'ftpasswd ';
Database Name: ftpusers
User is pureftpd
The password is ftppasswd.
The database name ftpusers should not be changed, because the ftpusers database name is automatically created through the program later.

4. PassFtp_v2.1.tar.gzProgram from the browser to install the database and web interface management program
Cd /Usr/local/src/

Tar zxvf ftp_v2.1.tar.gz
Cp-rf ftp/usr/local/apache2/htdocs/ftpadmin

Because the installation requires that ftpadmin/be assigned 777 permissions first
Chmod
? R 777/usr/local/apache2/htdocs/ftpadmin

Install the required database in the browser
Http://ip.ftpadmin/install.php
1. check whether all of them comply with the installation requirements. If they do not comply with the requirements, modify them and refresh them to see if they comply with the requirements.

2. Input
Database
Root permission and password
New database creation

3. Input
Pureftpd
Ftppasswd
Ftpusers
Corresponding to the User Password Database respectively (do not use the root database user and password for Management)

4. Change
FTP Address
, Default user ID
2001
, Default group ID
2001 check Quota support and Ratio support
5. Change the administrator password for managing pureftpd through a browser
At the same time, you can create a new super user
6. Follow the prompts to create and create Pure-ftpd.conf And pureftpd-mysql.conf


5. Create pure-ftpd.conf and pureftpd-mysql.conf configuration files
Cd/usr/local/src/pure-ftpd-1.0.21/

Cp./configuration-files/pure-ftpd.conf/usr/local/etc/pure-ftpd.conf

Pureftpd-mysql.conf./pureftpd-mysql.conf/usr/local/etc/
Chmod 644/usr/local/etc/pureftpd-mysql.conf

Chmod 644/usr/local/etc/pure-ftpd.conf

Users who do not have a uniform apache operation need to read the above two files, so they can modify the attribute and read the attribute.
1. pure-ftpd.conf Configuration
Vi/usr/local/etc/pure-ftpd.conf

MySQLConfigFile/usr/local/etc/pureftpd-mysql.conf
PIDFile
/Var/tmp/pure-ftpd.pid

CreateHomeDir yes
NoAnonymous yes
DisplayDotFiles no
MaxClientsNumber
200

(We recommend that you do not activate FXP for authenticated users) AllowUserFXP no

(We recommend that you Configure the server to support PASV mode. Otherwise, clients after nat cannot connect to pureftp in PORT mode) PassivePortRange 30000 50000
ForcePassiveIP *. * (Internet address)
Shield quota files
DisplayDotFiles no
Yes. The ftpquota file is not displayed to the user.

Set the idle time to 5 minutes. MaxIdleTime
5

Shield Anonymous Users NoAnonymous
Yes
Set the maximum number of concurrent users
PerUserLimits 20:20 Sets the maximum number of concurrent connections. The command takes effect only after the -- with-peruserlimits compilation option is added. by default, means that the same authenticated user can have up to three processes active at the same time. In actual applications, this process is too small. In particular, if you use win ie to log on, two processes are required, therefore, it is recommended that the configuration be larger. I configured 20: 20
Host Name not resolved
DontResolve yes The host name is not parsed in the log file. If the log is not so detailed, it uses less bandwidth.
Permission of the created file (Umask parameter) By default, Umask 133: 022 is used. The first one is the file followed by a folder. The real file attributes must be reversed. If the default Umask attribute is used, the file attribute created by the user is 644, And the folder attribute is 755. Therefore, do not change the default value of the system. 2. pureftpd-mysql.conf Configuration
Vi/usr/local/etc/pureftpd-mysql.conf
MYSQLSocket /Tmp/mysql. sock
MYSQLUser Pureftpd
MYSQLPassword Ftppasswd MYSQLDatabase Ftpusers MYSQLCrypt Md5 MYSQLGetPW
SELECT Password FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ") MYSQLGetUID
SELECT Uid FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MYSQLGetGID
SELECT Gid FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MYSQLGetDir
SELECT Dir FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MySQLGetQTAFS
SELECT QuotaFiles FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MySQLGetQTASZ
SELECT QuotaSize FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MySQLGetRatioUL SELECT ULRatio FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MySQLGetRatioDL SELECT DLRatio FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")
MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User = "\ L" AND Status = "1" AND (Ipaddress = "*" OR Ipaddress LIKE "\ R ")

6. Create a server execution file for pureftpd
Vi/etc/rc. d/init. d/pure-ftpd

#! /Bin/sh
Case "$1" in

Start)
Echo-n "Starting Pure-FTPd ..."
/Usr/local/sbin/pure-config.pl/usr/local/etc/pure-ftpd.conf>/dev/null
;;
Stop)
Echo-n "Shutting down Pure-FTPd ..."
Kill 'cat/var/tmp/pure-ftpd.pid | head-1'
;;
Restart)
Echo-n "Restarting Pure-FTPd ..."
Kill 'cat/var/tmp/pure-ftpd.pid | head-1'
Sleep 1
/Usr/local/sbin/pure-config.pl/usr/local/etc/pure-ftpd.conf>/dev/null
;;
*)
Echo "Usage: $0 {start | stop | restart }"
Exit 1
;;
Esac Chmod + X/etc/rc. d/init. d/pure-ftpd

Start the pureftpd Service
/Etc/rc. d/init. d/pure-ftpd start

Disable Service
Killall Pure-ftpd

Ps -Aux | grep pureftp

VII. Set pureftp logs
Vi/etc/syslog. conf
Ftp. */var/log/pureftpd
Mkdir /Var/log/pureftpd
Touch/var/log/pureftpd
Chown Ftpuser. ftpgroup/var/log/pureftpd
Killall -HUP syslogd
Vi/usr/local/etc/pure-ftpd.conf
SyslogFacility Ftp
VerboseLog Yes
/Etc/init. d/pure-ftpd restart

Note: if it is set to VerboseLog yes, all user operations are recorded (including file upload and download) (I personally think this is not set, it is too cumbersome, and there are too many logs)


8. Set browser Management Interface Optimization
1Security considerations For security issues, we recommend that you change the ftpadmin directory owner to the default user of ftpuser. ftpgroup, and grant the general user the permission of 5
Chown-R ftpuser. ftpgroup ../ftpadmin/
Chmod
? R 755/usr/local/apache2/htdocs/ftpadmin

In this way, the security is better. Pay attention to the following two points:
1,
Use ftp: // IP in the browser
Permission: ftpuser. ftpgroup
2In http: // ip/ftpadmin, you can view the entire system directory. This permission is the default user permission of apache.

2Set browser Management Interface Optimization Vi/usr/local/apache2/htdocs/ftpadmin/index. php



569th rows

$ Dir
= "/Home/ftp ";

$ Status
= "1 ";
$ Quotafiles
= "0 ";
(File limit, 0 is unlimited)


$ Quotasize
= "1000 ";
(Capacity Limit 1 GB)
$ Ulbandwidth
= "100 ";

(Upload bandwidth: 100 KB)


$ Dlbandwidth
= "100 ";
(Download bandwidth: 100 KB)Line 3 removes Blocking
Echo ("\ N ");

745th rows shielded
//
Echo ("Value = \ "$ dir \"> \ n ");

In this way, you can manually enter and set the root directory of each ftp user during management. Otherwise, you have to select the root directory from the browser interface, which is depressing!
Note 1:
In the personal user directory, the. ftpquota mainly writes the number of users used. Not set.
Based on the above configuration: Automatic Directory Creation, Status Bar Setting, speed limit (up and down) and disk capacity limit are all OK !!


3Modify the traditional Chinese language environment to the simplified language environment


/Usr/local/apache2/htdocs/ftpadmin/language/chinese. php



// Traiditional Chinese translated by chinsan


$ CharSet = "UTF-8 ";


// Global? Global)


$ Translate [0]
= "Jiangsu Sinotrans Changzhou branch PureFTPd account management ";
(Add your own company here)

$ Translate [1]
= "Version 2.1 ";


//?? ? Why? (Default username)


$ Translate [10] = "myftp ";



// System ?? Information (System messages)


$ Translate [20] = "the selected password does not exist. ";


$ Translate [21] = "the password is consistent and the current settings are not saved. ";


$ Translate [22] = "except for the current password, the set value will be saved. ";


$ Translate [23] = "the set value will be saved. ";


$ Translate [24] = "This ftp account ";


$ Translate [25] = "will be removed. ";


$ Translate [26] = "error: unable to access any directory ";


//?? /Font> ?? Ming (Labels)


$ Translate [30] = "Logon page ";


$ Translate [31] = "Click here to add an account ";


$ Translate [32] = "Account ";


$ Translate [33] = "UID ";


$ Translate [34] = "GID ";


$ Translate [35] = "home directory ";


$ Translate [36] = "upload speed (KB/s )";


$ Translate [37] = "download speed (KB/s )";


$ Translate [38] = "IP address ";


$ Translate [39] = "set ";


$ Translate [40] = "enabled ";


$ Translate [41] = "password ";


$ Translate [42] = "Confirm Password again ";


$ Translate [43] = "quota of Files ";


$ Translate [44] = "quota space (MB )";


$ Translate [45] = "upload/download ratio [upper: lower]";


$ Translate [46] = "Remarks ";


// Press ?? (Button info)


$ Translate [60] = "modify ";


$ Translate [61] = "Remove ";


$ Translate [62] = "locked ";


$ Translate [63] = "unlock ";


$ Translate [64] = "enable ";


$ Translate [65] = "Select Directory ";


$ Translate [66] = "Close browsing directory ";


$ Translate [67] = "Storage ";


// In? G? Why ?? R ?? Butes from the directory browser)


$ Translate [80] = "name ";


$ Translate [81] = "size ";


$ Translate [82] = "type ";


$ Translate [83] = "Modify date ";


$ Translate [84] = "owner ";


$ Translate [85] = "group ";


$ Translate [86] = "attribute ";


//? Help? Ming (Help balloons)


$ Translate [90] = "the account takes effect only when it is enabled and selected. ";


$ Translate [91] = "UID (account permission) required for this ftp account )";


$ Translate [92] = "the GID (group? Permission )";


$ Translate [93] = "speed limit for uploading files (unit: KB/s )";


$ Translate [94] = "speed limit for downloading an object (unit: KB/s )";


$ Translate [95] = "Limit the maximum number of files that can be stored by this account. ";


$ Translate [96] = "Limit the maximum (maximum) space that this account can store. (Unit: Mb )";


$ Translate [97] = "for example, <> indicates that at least 4 Mb of data can be uploaded before 8 Mb of data can be downloaded. <0: 0>? T is to disable the upper/lower transfer ratio limit ";


$ Translate [98] = "limit that this account can only be used by a specific IP Address Source, or anywhere (*)";