Setting up ProFTPD and related configuration

The configuration file is etc/proftpd.conf. Its directives are explained below:

ServerName                     "ProFTPD Default Installation"

ServerType                     standalone

DefaultServer                  on

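These set, respectively, the server name, the server type, and whether this is the default server.

I will skip the service port and similar settings and go straight to the most important part: access control.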

 # Set the user and group under which the server will run.

User                           nobody

Group                          nogroup

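Note the lines above: they set the user and group the service runs as.

Change these to a user and group that exist on your system. For ease of management and for security, it is recommended to create a dedicated ftp group and ftp user.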

# To cause every FTP user to be "jailed" (chrooted) into their home

# directory, uncomment this line.

#DefaultRoot ~

Controls whether users are jailed (chrooted) into their home directory. Note: /home can be used in place of ~.

# Normally, we want files to be overwriteable.

AllowOverwrite         on

Whether existing files may be overwritten.

# A basic anonymous configuration, no upload directories. If you do not

# want anonymous users, simply delete this entire <Anonymous> section.

<Anonymous ~ftp>

 User                         ftp

 Group                        ftp

 # We want clients to be able to login with "anonymous" as well as "ftp"

 UserAlias                    anonymous ftp

 # Limit the maximum number of anonymous logins

 MaxClients                   10

 # We want 'welcome.msg' displayed at login, and '.message' displayed

 # in each newly chdired directory.

 DisplayLogin                 welcome.msg

 DisplayFirstChdir            .message

 # Limit WRITE everywhere in the anonymous chroot

 <Limit WRITE>

   DenyAll

 </Limit>

</Anonymous>

This section defines the anonymous user, and it is also quite simple.

------------------------------------------------

Fix for the server failing to start with the following errors

[root@new-host sbin]# ./proftpd

 - IPv4 getaddrinfo 'new-host' error: Name or service not known

 - warning: unable to determine IP address of 'new-host'

 - error: no valid servers configured

 - Fatal: error processing configuration file '/usr/local/proftpd/etc/proftpd.conf'

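The cause is that the hostname cannot be resolved, so the server has no IP address to bind to.

Add the following line to the configuration file: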

DefaultAddress                 192.168.8.105

Then restart the service.

For the 530 Login incorrect error, the log shows an Invalid shell error.

Add to the configuration

 "Fatal: Socket operation on non-socket"

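  This usually means that the ServerType directive in proftpd.conf is set to inetd (super-server) mode rather than standalone mode.

ProFTPD server commands

1. ftpshut: shuts down the FTP service and creates the file shutmsg under /etc. To reopen the FTP service, delete /etc/shutmsg.

2. ftpcount: shows how many users are currently connected to the FTP server.

3. ftpwho: lists the users currently connected to the FTP server.

Purpose and path of several files

/usr/local/sbin/proftpd  the executable

/usr/local/etc/proftpd.conf  the configuration file

/usr/local/var/proftpd.pid  the process ID of proftpd when it runs as a service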

After setting up proftpd.conf, start the service

cd /etc/rc.d/rc3.d

ln -s /usr/local/sbin/proftpd S99proftpd

or

edit /etc/rc.d/rc.local

and add the following line

/usr/local/sbin/proftpd start

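How to see the IP addresses of active proftpd connections

Log in to the server

and run ftpwho

or ftptop

ftptop shows each connected user's IP address, transfer speed, and so on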

//////////////////////////////////////////////////////

First create the ftp and media users, with group nogroup, and not allowed to log in to the system

useradd media -d/home/media -gnogroup

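Set ownership

chown -R media /home/media

To let the ftp user log in, edit the /etc/ftpusers file and comment out ftp

Setting up an FTP server on an internal network:

1. In proftpd.conf, use the MasqueradeAddress directive to give the FTP server the gateway's IP address or domain name, for example

MasqueradeAddress myftpserver.vicp.net

or MasqueradeAddress 12.34.56.78 (in use, this could only connect, not download)

Then use the PassivePorts directive to restrict the range of ports listened on in passive mode, for example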

PassivePorts 60000 65534

2. In the gateway's port mapping, forward the port range specified in step 1 (60000-65534 in the example) and FTP port 21 to the FTP server's internal address.

getaddrinfo 'test' error: Name or service not known

- warning: unable to determine IP address of 'test'

- error: no valid servers configured

- Fatal: error processing configuration file '/etc/proftpd.conf'

Solution: this problem occurs because the machine name has not been added as an alias in the hosts file.

# vi /etc/hosts

Fixing slow logins in proftpd

Add two lines to proftpd.conf:

UseReverseDNS off

IdentLookups off

# This is a basic ProFTPD configuration file.

# It establishes a single server and a single anonymous login.

# It assumes that you have a user/group "nobody" and "ftp"

# for normal/anonymous operation.

ServerName   "ProFTPD Default Installation"

ServerType   standalone

#ServerType   inetd

DefaultServer   on

# Port 21 is the standard FTP port.

Port    21

# Umask 022 is a good standard umask to prevent new dirs and files

# from being group and world writable.

Umask    022

# To prevent DoS attacks, set the maximum number of child processes

# to 30.  If you need to allow more than 30 concurrent connections

# at once, simply increase this value.  Note that this ONLY works

# in standalone mode, in inetd mode you should use an inetd server

# that allows you to limit maximum number of processes per service

# (such as xinetd)

MaxInstances   30

# Set the user and group that the server normally runs at.

User  ftp

# nobody

Group  nogroup

# nogroup

# This next option is required for NIS or NIS+ to work properly:

#PersistentPasswd off

SystemLog   /var/log/proftpd.log

TransferLog   /var/log/xferlog

DefaultAddress  192.168.1.254

<Directory /*>

  AllowOverwrite  on

</Directory>

<Anonymous ~media>

  RequireValidShell  off

  User   media 

  Group         nogroup 

  MaxClients   50

  DisplayLogin   welcome.msg

  DisplayFirstChdir  .message

  <Limit All>

    AllowAll

  </Limit>

# A basic anonymous FTP server configuration.

# To enable this, remove the user ftp from /etc/ftpusers.

  User   ftp

  # We want clients to be able to login with "anonymous" as well as "ftp"

 # UserAlias   anonymous ftp

  # Limit the maximum number of anonymous logins

  # We want 'welcome.msg' displayed at login, and '.message' displayed

  # in each newly chdired directory.

  # An upload directory that allows storing files but not retrieving

  # or creating directories.

  <Directory /*>

    <Limit READ>

      AllowAll

    </Limit>

  # Limit WRITE everywhere in the anonymous chroot

  <Limit WRITE>

    AllowAll

  </Limit>

    <Limit STOR>

    </Limit>

  </Directory>

</Anonymous>
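
The following audit script is an added example, not part of the original post or of ProFTPD. It checks a proftpd.conf for three settings this page discusses: a missing or commented-out DefaultRoot, AllowAll inside a write-capable <Limit> within an <Anonymous> section, and MasqueradeAddress used without PassivePorts. The finding names and the sample configuration are constructed for illustration.

```python
import re

WRITE_CMDS = {"ALL", "WRITE", "STOR", "APPE", "DELE", "MKD", "RMD"}  # change files on the server

def audit(conf_text):
    """Return sorted (finding, line) tuples; line 0 means the whole file."""
    findings, stack, seen = [], [], set()
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        m = re.match(r"<(/?)(\w+)([^>]*)>", line)
        if m:                                    # section opener or closer
            tag, args = m.group(2).lower(), m.group(3).upper().split()
            if not m.group(1):
                stack.append((tag, args))
            else:                                # pop to the opener, past unclosed children
                idx = [i for i, s in enumerate(stack) if s[0] == tag]
                del stack[idx[-1] if idx else len(stack):]
            continue
        directive = line.split()[0].lower()
        seen.add(directive)
        in_anon = any(tag == "anonymous" for tag, _ in stack)
        if (directive == "allowall" and in_anon and stack[-1][0] == "limit"
                and WRITE_CMDS & set(stack[-1][1])):
            findings.append(("anonymous-write-allowed", lineno))
    if "defaultroot" not in seen:                # absent or still commented out
        findings.append(("users-not-chrooted", 0))
    if "masqueradeaddress" in seen and "passiveports" not in seen:
        findings.append(("nat-without-passiveports", 0))
    return sorted(findings)

# Constructed sample, modelled on the directives shown on this page.
WEAK = """\
#DefaultRoot ~
MasqueradeAddress 12.34.56.78
<Anonymous ~media>
  <Limit All>
    AllowAll
  </Limit>
  <Directory /*>
    <Limit WRITE>
      AllowAll
  </Directory>
</Anonymous>
"""

if __name__ == "__main__":
    print(audit(WEAK))
```

To check a real file, pass its contents to audit(), for example the text of /usr/local/etc/proftpd.conf.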

    This article is reposted from yuangang_love's 51CTO blog. Original link: http://blog.51cto.com/linux008/1554634. To repost it, please contact the original author.