荔园在线
荔园之美,在春之萌芽,在夏之绽放,在秋之收获,在冬之沉淀
[回到开始]
[上一篇][下一篇]
发信人: plain.bbs@bbs.cqupt.edu.cn (三缄其口), 信区: Linux
标 题: proftp简单的MySQL认证配置文件
发信站: 幽幽黄桷兰 (Wed Mar 17 14:09:15 2004)
转信站: SZU!news.szu.edu.cn!news.feeling.smth.org!news.uestc.edu.cn!CQUPT
##
## Config with simple mysql authentication support
## Contributed by 'Stonki'
## Added to www.proftpd.org 18/Oct/2002
##
# This is a basic ProFTPD configuration file. It establishes a single
# server and a single anonymous login. It assumes that you have a
# user/group "nobody"/"nogroup" for normal operation and anon.
# !!! PLEASE read the documentation of proftpd !!!
#
# You can find the documentation in /usr/doc/packages/proftpd/,
# http://www.proftpd.org/ and don't forget to read carefully
# and _follow_ hints on http://www.proftpd.net/security.html.
#
# geaendert: 03.11.2001 f黵 ProFTP 1.2.4 und mod_sql 4.x
#
#
# Basic
#
ServerName "Stonki"
serverType inetd
ServerAdmin support@stonki.de
#
# Debug Level
# emerg, alert, crit (empfohlen), error, warn. notice, info, debug
#
#SyslogLevel emerg
#SystemLog /var/log/proftpd.system.log
#
# uncomment, if you want to hide the servers name:
#
ServerIdent on "Stonki's Server"
DeferWelcome on
DefaultServer on
#
# Display
#
DisplayLogin /messages/ftp.motd
DisplayConnect /net/messages/ftp.pre
DisplayFirstChdir index.txt
HiddenStor off
DirFakeUser on stonki
DirFakeGroup on stonki
DirFakeMode 0000
# Enable PAM for authentication...
#
AuthPAM on
# Setting this directive to on will cause authentication to fail
# if PAM authentication fails. The default setting, off, allows
# other modules and directives such as AuthUserFile and friends
# to authenticate users.
#
# AuthPAMAuthoritative on
# This directive allows you to specify the PAM service name used
# in authentication (default is "proftpd" on SuSE Linux).
# You have to setup the service in the /etc/pam.d/<other_name>.
#
#AuthPAMConfig <other_name>
# Port 21 is the standard FTP port.
Port 21
#------------------------mysql Modul: 4.x
#
# Zugangskontrolle
#
SQLAuthTypes Plaintext
SQLAuthenticate users*
SQLConnectInfo db@localhost username password
SQLDefaultGID 65534
SQLDefaultUID 65534
SQLMinUserGID 100
SQLMinUserUID 500
SQLUserInfo ftp username password uid gid homedir shell
#
# aktive SQL Kommandos, ab hier passiert etwas :-)
#
SQLLog PASS counter
SQLNamedQuery counter UPDATE "letzter_zugriff=now(), count=count+1 WHERE
username='%u'" ftp
# xfer Log in mysql
SQLLog RETR,STOR transfer1
SQLNamedQuery transfer1 INSERT "'%u', '%f', '%b', '%h', '%a', '%m', '%T', now()
, 'c', NULL" xfer_stat
SQLLOG ERR_RETR,ERR_STOR transfer2
SQLNamedQuery transfer2 INSERT "'%u', '%f', '%b', '%h', '%a', '%m', '%T', now()
, 'i', NULL" xfer_stat
#------------------------mysql
# Port 21 is the standard FTP port.
Port 21
# disable listen on 0.0.0.0:21 - the port (and IP) should
# be specified explicitly in each VirtualHost definition
#
#Port 0
# listen for each (additional) address explicitly that is
# specified (via Bind and Port) in a VirtualHost definition
#
#SocketBindTight on
#
# FXP Unterstuetzung
#
AllowForeignAddress on
# Umask 022 is a good standard umask to prevent new dirs
# and files from being group and world writable.
Umask 022
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
# Maximal Werte setzen
MaxClientsPerHost 3 "Nicht mehr als %m Verbindungen"
MaxClients 5 "Leider sind schon %m Clients verbunden"
# RateReadBPS 5000
# RateReadFreeBytes 5000
# RateReadHardBPS on
Classes on
Class default limit 5
Class internet limit 2
Class local limit 3
Class internet ip 0.0.0.0/0
Class internet ip 192.168.99.99/24
Class local ip 127.0.0.1/24
Class local ip 192.168.0.0/24
#
# Restart erlauben
#
AllowStoreRestart on
AllowRetrieveRestart on
# Normally, we want files to be overwriteable.
<Directory /*>
AllowOverwrite off
HideNoAccess on
<Limit READ>
AllowAll
</Limit>
<Limit Write>
DenyAll
</Limit>
</Directory>
<Directory /net/incoming/*>
AllowOverwrite on
<Limit STOR CMD MKD WRITE>
AllowALL
</Limit>
<Limit RETR DELE>
DenyALL
</Limit>
</Directory>
# It is a very good idea to allow only filenames containing normal
# alphanumeric characters for uploads (and not shell code...)
#PathAllowFilter "^[a-zA-Z0-9_.-]()'+$"
#PathAllowFilter "^[a-zA-Z0-9 _.-]()'+$"
# We don't want .ftpaccess or .htaccess files to be uploaded
#PathDenyFilter "(\.ftp)|(\.ht)[a-z]+$"
#PathDenyFilter "\.ftp[a-z]+$"
# Do not allow to pass printf-Formats (security! see documentation!):
#AllowFilter "^[a-zA-Z0-9@~ /,_.-]*$"
#DenyFilter "%"
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# such as xinetd)
MaxInstances 30
# Performance: skip DNS resolution when we process the logs...
UseReverseDNS on
# Turn off Ident lookups
IdentLookups on
# Set the maximum number of seconds a data connection is allowed
# to "stall" before being aborted.
TimeoutStalled 300
# Where do we put the pid files?
ScoreboardPath /usr/local/var/proftpd
#
# Logging options
#
TransferLog /var/log/proftpd.xferlog
# Some logging formats
#
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
LogFormat write "%h %l %u %t \"%r\" %s %b"
# Log file/dir access
ExtendedLog /var/log/proftpd.access_log WRITE,READ write
# Record all logins
ExtendedLog /var/log/proftpd.auth_log AUTH auth
# Paranoia logging level....
ExtendedLog /var/log/proftpd.paranoid_log ALL default
#
# Do a chroot for web-users (i.e. public or www group), but
# do not change root if the user is also in the users group...
#
DefaultRoot ~ !users
#
# Limit login attempts
#
MaxLoginAttempts 3
#
# Users needs a valid shell
#
RequireValidShell off
--
做人要厚道
※ 来源:·幽幽黄桷兰 bbs.cqupt.edu.cn·[FROM: www.coiwin.com]
[回到开始]
[上一篇][下一篇]
荔园在线首页 友情链接:深圳大学 深大招生 荔园晨风BBS S-Term软件 网络书店