码迷,mamicode.com
首页 > 其他好文 > 详细

搭建proftp服务器

时间:2018-07-16 20:27:05      阅读:389      评论:0      收藏:0      [点我收藏+]

标签:ftp   ref   creat   pen   mod   abort   proftpd   tps   processes   

官网:http://www.proftpd.org/

1.安装

git 仓库:https://github.com/proftpd/proftpd/  make && make install

2. 修改配置(最好采用被动模式)

技术分享图片
# This sample configuration file illustrates configuring two
# anonymous directories, and a guest (same thing as anonymous but
# requires a valid password to login)

ServerName            "ProFTPD Anonymous Server"
ServerType            standalone

# Port 21 is the standard FTP port.
Port                21
PassivePorts 20000 20200

# If you don‘t want normal users logging in at all, uncomment this
# next section
#<Limit LOGIN>
#  DenyAll
#</Limit>

# Set the user and group that the server normally runs at.
User                ftp
Group                ftp
AllowOverwrite on
AllowRetrieveRestart on
AllowStoreRestart on

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the maximum number of seconds a data connection is allowed
# to "stall" before being aborted.
TimeoutStalled            300

# We want ‘welcome.msg‘ displayed at login, and ‘.message‘ displayed
# in each newly chdired directory.
DisplayLogin            welcome.msg
DisplayChdir            .message

# Our "basic" anonymous configuration, including a single
# upload directory ("uploads")
<Anonymous ~ftp>

  # Allow logins if they are disabled above.
  <Limit LOGIN>
    AllowAll
  </Limit>

  # Maximum clients with message
  MaxClients            5 "Sorry, max %m users -- try again later"

  User                ftp
  Group                ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias            anonymous ftp

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

  # An upload directory that allows storing files but not retrieving
  # or creating directories.
  <Directory uploads/*>
    <Limit READ>
      DenyAll
    </Limit>

    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>

# A second anonymous ftp section.  Users can login as "private".  Here
# we hide files owned by root from being manipulated in any way.

<Anonymous /usr/local/private>
  User                bobf
  Group                users
  UserAlias            private bobf
  UserAlias            engineering bobf

  # Deny access from *.evil.net and *.otherevil.net, but allow
  # all others.
  <Limit LOGIN>
    Order            deny,allow
    Deny             from .evil.net, .otherevil.net
    Allow            from all
  </Limit>

  # We want all uploaded files to be owned by ‘engdept‘ group and
  # group writable.
  GroupOwner            engdept
  Umask                006

  # Hide all files owned by user ‘root‘
  HideUser            root

  <Limit WRITE>
    DenyAll
  </Limit>

  # Disallow clients from any access to hidden files.
  <Limit READ DIRS>
    IgnoreHidden            on
  </Limit>

  # Permit uploading and creation of new directories in
  # submissions/public

  <Directory submissions/public>
    <Limit READ>
      DenyAll
      IgnoreHidden            on
    </Limit>

    <Limit STOR MKD RMD XMKD XRMD>
      AllowAll
      IgnoreHidden            on
    </Limit>
  </Directory>
</Anonymous>

# The last anonymous example creates a "guest" account, which clients
# can authenticate to only if they know the user‘s password.

<Anonymous ~liuyuanzhen>
  User                liuyuanzhen
  Group                nobody
  AnonRequirePassword        on

  <Limit LOGIN>
    AllowAll
  </Limit>

  # Deny write access from all except trusted hosts.
  <Limit WRITE>
    AllowAll
  </Limit>
</Anonymous>
View Code

设置的密码与linux 账户一致。

3.打开防火墙

iptables -I INPUT -p tcp --dport 21 -j ACCEPT
iptables -I INPUT -p tcp --dport 20 -j ACCEPT
iptables -I INPUT -p tcp --dport 20000:20200 -j ACCEPT

4.启动程序

./proftpd

5.客户端连接

相关链接:https://www.cnblogs.com/kevingrace/p/6641224.html

搭建proftp服务器

标签:ftp   ref   creat   pen   mod   abort   proftpd   tps   processes   

原文地址:https://www.cnblogs.com/yuanzhenliu/p/9319854.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!