Summary from the book "Linux O & M path" by Ding yiming
ProFTPD is secure and simple FTP server software.
# wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.5rc4.tar.gz
# tar zxfv proftpd-1.3.5rc4.tar.gz
# tar -xzf proftpd-1.3.5rc4.tar.gz -C /usr/src/
# cd /usr/src/
# cd proftpd-1.3.5rc4/
# ./configure --prefix=/usr/local/ProFTPD --sysconfdir=/etc/ --enable-nls --enable-openssl --enable-shadow
# make && make install
# PATH=$PATH:/usr/local/ProFTPD/bin
# useradd -m -s /sbin/nologin ProFTP
Original configuration file /etc/proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use). It establishes a single server
# and a single anonymous login. It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.
# Prompt text displayed after a client connects
ServerName "ProFTPD default installation"
# Server startup mode: independent background process
ServerType standalone
# Act as the default server
DefaultServer on
# Port 21 is the standard FTP port.
# Listens on port 21 by default
Port 21
# Don't use IPv6 support by default.
# Disable IPv6
UseIPv6 off
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
# Permission mask
Umask 022
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this only works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd).
# Maximum concurrency
MaxInstances 30
# Set the user and group under which the server will run.
# Account used to start the server
User nobody
# Group account used to start the server
Group nogroup
# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
# DefaultRoot ~
# Normally, we want files to be overwriteable.
# Allow files to be overwritten
AllowOverwrite on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
  DenyAll
</Limit>
# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
# Anonymous access settings. Anonymous access is enabled by default and should be commented out.
<Anonymous ~ftp>
  User ftp
  Group ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias anonymous ftp
  # Limit the maximum number of anonymous logins
  MaxClients 10
  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin welcome.msg
  DisplayChdir .message
  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
Configuration file explained [reposted from http://www.njhnh.cn/blog?action=show&id=87]
1. How does ProFTPD limit transfer speed and disconnect idle sessions?
You can use:
RateReadBPS RateReadFreeBytes
RateWriteBPS RateWriteFreeBytes
to limit the download and upload speed:
RateReadBPS and RateWriteBPS limit the download and upload speeds.
RateReadFreeBytes and RateWriteFreeBytes set how much data a user can transfer before the speed limit applies, so that small files are not throttled but large files are.
TimeoutIdle -- sets the idle connection timeout
TimeoutLogin -- sets the idle login timeout
TimeoutNoTransfer -- sets the timeout when no data is being transferred
TimeoutStalled -- sets the timeout for stalled downloads
2. How does ProFTPD implement disk quotas?
First, include mod_quota at compile time by specifying --with-modules.
Then use the following in the configuration file:
Quotas on
QuotaCalc on
DefaultQuota 8000
QuotaBlockSize 1024
QuotaBlockName KB
This enables the disk quota. DefaultQuota means each user can only use 8000 blocks, and QuotaBlockSize sets the size of each block to 1024 bytes, that is, 1 KB.
QuotaBlockName only appears in prompts and gives the unit name of a block.
3. How to set the number of ProFTPD service processes
If the machine's hardware is modest, or to prevent DoS attacks, it is sometimes necessary to limit the number of concurrent connections that ProFTPD serves. In standalone mode, you can set:
MaxInstances 100
With this setting, once the total number of external connections reaches 100, ProFTPD refuses new connections.
4. How does ProFTPD limit the number of simultaneous connections from each client machine?
You only need to use the following in the configuration file:
MaxClientsPerHost 10
With this setting, each client machine is allowed at most 10 connections. It is particularly useful for anonymous users, because it prevents one client from using up the connections that others need.
5. How does ProFTPD limit the number of simultaneous connections of a user?
ProFTPD 1.2.7rc1 and later provide a new parameter, MaxClientsPerUser. Add the following to the configuration file:
MaxClientsPerUser 5
With this setting, each user can have only five connections at the same time. With download tools such as FlashGet, a download can be split into at most five parts.
6. How does ProFTPD provide the resume function?
To support resuming downloads, you must specify:
AllowRetrieveRestart on
To support resuming uploads, you must specify:
AllowOverwrite on
AllowStoreRestart on
AllowOverwrite and AllowStoreRestart must be specified together because re-uploading or resuming an upload also overwrites a file.
Remember not to use HiddenStor and AllowStoreRestart at the same time.
7. How does ProFTPD allow logon as root?
Use the following in the configuration file:
RootLogin on
8. How to shorten the time it takes to connect to the ProFTPD service
Add two lines to proftpd.conf:
UseReverseDNS off
IdentLookups off
This stops ProFTPD from performing reverse DNS lookups and ident checks on the client.
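The following Python audit is an added example, not code from the book or from the ProFTPD project. It parses a proftpd.conf and flags the settings discussed above: RootLogin (item 7), a commented-out DefaultRoot, missing connection caps (items 3 and 4), HiddenStor combined with AllowStoreRestart (item 6), and an anonymous section without a write limit. The sample config is constructed, and the script assumes that lower-casing directive names is safe and that only server-level directives matter.

```python
SAMPLE = """\
MaxInstances 30
# DefaultRoot ~
AllowStoreRestart on
HiddenStor on
RootLogin on
<Anonymous ~ftp>
  User ftp
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
"""  # constructed sample config, not taken from a real server

def parse(text):
    """Yield (context, name, args); context is a tuple of open <Block> headers."""
    ctx = []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("#"):
            continue                      # blank line or whole-line comment
        if line.startswith("</"):
            del ctx[-1:]                  # closing tag ends the innermost block
        elif line.startswith("<"):
            ctx.append(line.strip("<>").lower())
        else:
            name, args = (line.split(None, 1) + [""])[:2]
            # Assumption: names are lower-cased so inconsistent casing still matches.
            yield tuple(ctx), name.lower(), args.strip().lower()

def audit(text):
    rows = list(parse(text))
    top = {n: a for c, n, a in rows if not c}     # server-level directives only
    out = []
    if top.get("rootlogin") == "on":
        out.append("RootLogin on: root may log in over FTP (item 7)")
    if "defaultroot" not in top:
        out.append("DefaultRoot unset: users are not jailed in their home")
    out += [n + " unset: no cap on that connection count"
            for n in ("maxinstances", "maxclientsperhost") if n not in top]
    # HiddenStores is the spelling used by later ProFTPD releases.
    hidden = "on" in (top.get("hiddenstor"), top.get("hiddenstores"))
    if hidden and top.get("allowstorerestart") == "on":
        out.append("HiddenStor and AllowStoreRestart are both on (item 6)")
    for sec in sorted({c[0] for c, _, _ in rows if c and c[0].startswith("anonymous")}):
        if not any(c[:1] == (sec,) and len(c) > 1 and "write" in c[1].split()
                   and n == "denyall" for c, n, _ in rows):
            out.append("<" + sec + "> has no <Limit WRITE> DenyAll")
    return out

print("\n".join(audit(SAMPLE)))
```

To check a real file, pass its contents to audit(), for example audit(open("/etc/proftpd.conf").read()).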