Setting up ProFTPD and related configuration

The configuration file is etc/proftpd.conf. Its directives are explained below:

ServerName                     "ProFTPD Default Installation"
ServerType                     standalone
DefaultServer                  on

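These are, respectively, the server name, the server type, and the default-server setting.

I will skip the service port and similar settings that follow and go straight to the most important part: access control.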

 # Set the user and group under which the server will run.
User                           nobody
Group                          nogroup

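Note the lines above: they set the user and group the server runs as.

Change them to a user and group that exist on your system. For ease of administration and for security, it is best to create a dedicated ftp group and ftp user.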

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~
Controls whether users are confined (chrooted) to their home directory. Note: /home can be used in place of ~.

# Normally, we want files to be overwriteable.
AllowOverwrite         on
Whether existing files may be overwritten.

# A basic anonymous configuration, no upload directories. If you do not
# want anonymous users, simply delete this entire <Anonymous> section.
<Anonymous ~ftp>
 User                         ftp
 Group                        ftp

 # We want clients to be able to login with "anonymous" as well as "ftp"
 UserAlias                    anonymous ftp

 # Limit the maximum number of anonymous logins
 MaxClients                   10

 # We want 'welcome.msg' displayed at login, and '.message' displayed
 # in each newly chdired directory.
 DisplayLogin                 welcome.msg
 DisplayFirstChdir            .message

 # Limit WRITE everywhere in the anonymous chroot
 <Limit WRITE>
   DenyAll
 </Limit>
</Anonymous>

This section defines the anonymous user, and it is quite simple.

------------------------------------------------

Fixing the following error when the server fails to start

[root@new-host sbin]# ./proftpd
 - IPv4 getaddrinfo 'new-host' error: Name or service not known
 - warning: unable to determine IP address of 'new-host'
 - error: no valid servers configured
 - Fatal: error processing configuration file '/usr/local/proftpd/etc/proftpd.conf'

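The cause is that the server cannot determine an IP address to bind to, because the hostname does not resolve.

Add the following line to the configuration file: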

DefaultAddress                 192.168.8.105
Then restart the service.

 

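For a 530 Login incorrect error where the log shows an Invalid shell error, add the following to the configuration. It lets accounts whose shell is not listed in /etc/shells log in over FTP: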

RequireValidShell             off 


 "Fatal: Socket operation on non-socket"
  This usually means that the ServerType directive in proftpd.conf is set to
  inetd (super-server) mode rather than standalone mode.

 

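ProFTPD server commands

  1. ftpshut: shuts down the FTP service and creates the file shutmsg under /etc. To reopen the FTP service, delete /etc/shutmsg.
  2. ftpcount: shows the number of users currently connected to the FTP server.
  3. ftpwho: lists the users currently connected to the FTP server.

Purpose and location of several files
/usr/local/sbin/proftpd      the server executable
/usr/local/etc/proftpd.conf  the configuration file
/usr/local/var/proftpd.pid   holds the process ID of proftpd running as a service


Configure proftpd.conf and start the service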

cd /etc/rc.d/rc3.d
ln -s /usr/local/sbin/proftpd S99proftpd

Alternatively, edit /etc/rc.d/rc.local and add the following line:
/usr/local/sbin/proftpd start

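How to see the IP addresses of current connections to proftpd

Log in to the server and run ftpwho or ftptop.
ftptop shows each connected user's IP address, transfer speed, and so on.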


//////////////////////////////////////////////////////

ProFTPD configuration

 

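First create the ftp and media users in the nogroup group; they are not allowed to log in to the system.

useradd media -d /home/media -g nogroup

Set ownership of the home directory:

chown -R media /home/media

To let the ftp user log in, edit /etc/ftpusers and comment out ftp.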

 

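How to run an FTP server on an internal network:
1. In proftpd.conf, use the MasqueradeAddress directive to give the FTP server the gateway's IP address or domain name, for example
MasqueradeAddress myftpserver.vicp.net
or MasqueradeAddress 12.34.56.78 (in use, this could only connect, not download)
Then use the PassivePorts directive to restrict the range of ports listened on in passive mode, for example
PassivePorts 60000 65534
2. In the gateway's port forwarding, map the port range specified in step 1 (60000-65534 in the example) and FTP port 21 to the FTP server's internal address.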
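
An added example, not from the original post: a data connection that fails while the control connection works can be diagnosed from the server's reply to PASV, which carries the address and port the client must use for the data connection. The Python below parses that reply and checks it against the MasqueradeAddress and PassivePorts values used on this page; the function names and sample replies are constructed for illustration.

```python
import ipaddress
import re

PASV_RE = re.compile(r"^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

def parse_pasv(reply):
    """Return (host, port) from a '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' reply."""
    m = PASV_RE.search(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(x) for x in m.groups()]
    if max(nums) > 255:
        raise ValueError("field out of range in %r" % reply)
    # The port is sent as two bytes: high byte p1, low byte p2.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def check_pasv(reply, masquerade_ip, passive_ports=(60000, 65534)):
    """List mismatches between the reply and the MasqueradeAddress/PassivePorts setup."""
    host, port = parse_pasv(reply)
    problems = []
    if ipaddress.ip_address(host).is_private:
        problems.append("internal address %s advertised to the client" % host)
    elif host != masquerade_ip:
        problems.append("address %s differs from expected %s" % (host, masquerade_ip))
    if not passive_ports[0] <= port <= passive_ports[1]:
        problems.append("port %d outside forwarded range %d-%d"
                        % ((port,) + tuple(passive_ports)))
    return problems

# Constructed replies, using the addresses and port range from this page.
SAMPLES = [
    "227 Entering Passive Mode (12,34,56,78,234,96)",    # external IP, port 60000
    "227 Entering Passive Mode (192,168,1,254,234,96)",  # internal IP advertised
    "227 Entering Passive Mode (12,34,56,78,4,1)",       # port 1025, not forwarded
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", check_pasv(s, "12.34.56.78") or "ok")
```
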

getaddrinfo 'test' error: Name or service not known
- warning: unable to determine IP address of 'test'
- error: no valid servers configured
- Fatal: error processing configuration file '/etc/proftpd.conf'
Solution: this problem occurs because the machine name has not been added as an alias in the hosts file.
# vi /etc/hosts

 

Fixing slow logins to proftpd

Add two settings to proftpd.conf:
UseReverseDNS off
IdentLookups off


 

# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp"
# for normal/anonymous operation.

ServerName   "ProFTPD Default Installation"
ServerType   standalone
#ServerType   inetd
DefaultServer   on

UseReverseDNS off
IdentLookups off

# Port 21 is the standard FTP port.
Port    21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask    022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances   30

# Set the user and group that the server normally runs at.
User  ftp
# nobody
Group  nogroup
# nogroup
# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off

SystemLog   /var/log/proftpd.log
TransferLog   /var/log/xferlog

DefaultAddress  192.168.1.254
# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite  on
</Directory>

<Anonymous ~media>
  RequireValidShell  off
  User   media 
  Group         nogroup 
  MaxClients   50
  DisplayLogin   welcome.msg
  DisplayFirstChdir  .message
  <Directory /*>
    <Limit All>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>
# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
  RequireValidShell  off
  User   ftp
  Group         nogroup 
  # We want clients to be able to login with "anonymous" as well as "ftp"
 # UserAlias   anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients   50

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin   welcome.msg
  DisplayFirstChdir  .message


  # Allow reading, writing and uploading everywhere in the anonymous
  # chroot (unlike the stock configuration, which denies WRITE).
  <Directory /*>
    <Limit READ>
      AllowAll
    </Limit>

    <Limit WRITE>
      AllowAll
    </Limit>
    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>

</Anonymous>
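
An added example (not part of the original post or of ProFTPD): a small Python audit that walks a proftpd.conf and reports which <Anonymous> roots leave writes open, as the two blocks above do with AllowAll, in contrast to the stock block earlier that denies WRITE. SAMPLE is constructed from this page's blocks, and the flagging rule is a heuristic assumption of the example that does not model ProFTPD's full <Limit> precedence.

```python
import re

# Write-related names this example looks for in <Limit ...>.
WRITE_NAMES = {"WRITE", "ALL", "STOR", "STOU", "APPE", "DELE",
               "MKD", "XMKD", "RMD", "XRMD", "RNTO"}
OPEN = re.compile(r"<\s*(\w+)([^>]*)>")
CLOSE = re.compile(r"</\s*(\w+)\s*>")

# Constructed sample, condensed from the blocks on this page.
SAMPLE = """
<Anonymous ~ftp>
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
<Anonymous ~media>
  <Directory /*>
    <Limit All>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>
"""

def audit_anonymous(conf_text):
    """Map each <Anonymous> root to its write-related (commands, action) limits."""
    report, stack = {}, []              # stack holds (section, arguments)
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if CLOSE.fullmatch(line):
            if stack:
                stack.pop()
        elif (m := OPEN.fullmatch(line)):
            stack.append((m.group(1).lower(), m.group(2).strip()))
            if stack[-1][0] == "anonymous":
                report.setdefault(stack[-1][1], [])
        elif stack and stack[-1][0] == "limit" and line.lower() in ("allowall", "denyall"):
            anon = next((a for n, a in stack if n == "anonymous"), None)
            cmds = {c.upper() for c in stack[-1][1].split()}
            if anon is not None and cmds & WRITE_NAMES:
                report[anon].append((" ".join(sorted(cmds)), line.lower()))
    return report

def writable_roots(conf_text):
    """Roots with an AllowAll on writes, or with no <Limit WRITE> DenyAll at all."""
    return [root for root, limits in audit_anonymous(conf_text).items()
            if any(act == "allowall" for _, act in limits)
            or ("WRITE", "denyall") not in limits]
```

Run writable_roots() on the text of a real proftpd.conf to list the anonymous roots worth reviewing before the server is exposed.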
