设置quota,只要在ftpquotalimits表里设置一下就行了,这个表里的各个参数分别代表:
代码:
quotalimits表
name: - 用户帐号
quota type: - user, group, class, all (we use user)
per_session: - true or false (we use true)
limit_type: - 硬限制 or 软限制 (我们一般用硬限制)
bytes_in_avail: - 允许上传的字节数
bytes_out_avail: - 允许下载的字节数
bytes_xfer_avail: - 允许传输的字节数(包括上传/下载)
files_in_avail: - 允许上传的文件数
files_out_avail: - 允许下载的文件数
files_xfer_avail: - 允许传输的文件数(包括上传/下载)
建立系统相关用户或组:
1.创建proftpd服务运行的用户和用户组:
#pw groupadd ftpgrp -g 2001
#pw adduser ftpusr -u 2001 -g 2001 -d /usr/ftp/incoming -s
/sbin/nologin
2、创建匿名登陆用户映射的系统用户和用户组
#pw groupadd pubusers -g 2002
#pw adduser ftp -u 2002 -g 2001 -d /usr/ftp/incoming -s
/sbin/nologin
3、配置系统自启动proftpd服务
#ee /etc/rc.conf
proftpd_enable=”YES”
这样系统启动的时候会调用/usr/local/etc/rc.d/proftpd.sh脚本启动proftpd服务
4、监控和调试proftpd服务
#/usr/local/sbin/proftpd proftpd -n -d 5 -c
/usr/local/etc/proftpd.conf
这样在测试和连接ftp的时候,可以在主机上看到所有的proftpd运行信息
5、日志监控
#tail -f /var/log/proftpd.syslog
#tail -f /var/log/proftpd.transferlog
6、用户登陆后运行quote SITE QUOTA命令查看设置的磁盘限额信息
最后运行时出现的问题:
匿名登陆时总出现验证,用测试用户登陆出现错误:
FreeBSD# ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
500 FTP server shut down (going down at Tue Dec 19 20:00:00 2007)
-- please try again later.
ftp>
解决方法:
#rm -rf /etc/shutmsg
其它一些问题的处理:
Q:在本地ftp
localhost输入用户名、密码回车后。等很久才进入FTP Server
A:ftp 127.0.0.1
Q:在远程服务器上ftp
ip输入用户名、密码回车后。等很久才进入FTP Server
A:LDAPServer localhost 改为 LDAPServer 127.0.0.1
Q:登录Ftp Server 提示
530 Login incorrect.
Login failed.
A:在登录ProFTPD时加参数proftpd –d5
–n会输出调试信息。你可以在其中
找到答案。如果在调试信息中找到这一行no such user 'xxxx'
可能是与MySQL/OpenLDAP连接有问题。
Q:服务不能启动,显示主机名错误之类的提示。
A: ee /etc/hosts
加入一行:
本机IP地址 主机名
附: proftpd.conf
# This is a basic ProFTPD configuration file (rename it to
# 'proftpd.conf' for actual use. It establishes a
single server
# and a single anonymous login. It assumes that
you have a user/group
# "nobody" and "ftp" for normal operation and anon.
ServerName "Home
Download"
ServerType standalone
DefaultServer on
# Port 21 is the standard FTP port.
Port 21
# Umask 022 is a good standard umask to prevent new dirs and
files
# from being group and world writable.
Umask 022
# To prevent DoS attacks, set the maximum number of child
processes
# to 30. If you need to allow more than 30
concurrent connections
# at once, simply increase this value. Note that
this ONLY works
# in standalone mode, in inetd mode you should use an inetd
server
# that allows you to limit maximum number of processes per
service
# (such as xinetd).
MaxInstances 30
# Set the user and group under which the server will run.
User ftpusr
Group ftpgrp
RequireValidShell off
AllowStoreRestart on
UseReverseDNS off 【解决反应慢问题】
IdentLookups
off 【解决反应慢问题】
# To cause every FTP user to be "jailed" (chrooted) into their
home
# directory, uncomment this line.
DefaultRoot ~
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
DenyAll
</Limit>
----------------------------------------------------
TransferRate STOR 500 user
upload
#[up-speed]
TransferRate RETR 500 user
homedown
#[down-speed]
PassivePorts 20000 20010
#[被模式开放的端口,防火墙那边也记着开启,否则直接点击网页下载是不可能的,下载工具不关闭"被动模式"将不能下载]
<Directory />
AllowOverwrite on #[断点续UP]
AllowStoreRestart on #[断点续DOWN]
#AllowForeignAddress on
<Limit All>
AllowAll
</Limit>
</Directory>
---------------------------------------------------------
# A basic anonymous configuration, no upload
directories. If you do not
# want anonymous users, simply delete this entire <Anonymous>
section.
<Anonymous /usr/ftp>
User ftp
Group pubusers
# We want clients to be able to login with
"anonymous" as well as "ftp"
UserAlias anonymous
ftp
# Limit the maximum number of anonymous
logins
MaxClients 10
# We want 'welcome.msg' displayed at login,
and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
# Limit WRITE everywhere in the anonymous chroot
AuthAliasOnly on #[禁以用户名方式匿名登陆]
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
#
数据库联接的信息,proftpdb是数据库名,localhost是主机名,proftpd是连接数据库的用户名,
#proftpdb是密码
SQLConnectInfo proftpd@localhost proftpd ******
SQLAuthTypes Backend Plaintext
#SQLAuthenticate users* groups*
SQLUserInfo ftpusers userid passwd uid gid homedir shell
SQLGroupInfo ftpgroups groupname gid members
SQLAuthenticate users groups usersetfast groupsetfast
# 如果home目录不存在,则系统会根据它的home项新建一个目录
SQLHomedirOnDemand on
QuotaDirectoryTally on
# 磁盘限额单位 b"|"Kb"|"Mb"|"Gb"
QuotaDisplayUnits "Mb"
QuotaEngine on
QuotaLog "/var/log/quota.log"
# 打开磁盘限额信息,当登陆FTP帐户后,使用命令 "quote SITE QUOTA"
后可显示当前用#户的磁盘限额
QuotaShowQuotas on
SQLNamedQuery get-quota-limit SELECT "name, quota_type,
per_session, limit_type, bytes_in_avail, bytes_out_avail,
bytes_xfer_avail,files_in_avail, files_out_avail, files_xfer_avail
FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type,
bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used,
files_out_used, files_xfer_used FROM quotatallies WHERE name =
'%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used =
bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1},
bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used =
files_in_used + %{3}, files_out_used = files_out_used + %{4},
files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND
quota_type = '%{7}'" quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3},
%{4}, %{5}, %{6}, %{7}" quotatallies
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable
sql:/get-quota-tally/update-quota-tally/insert-quota-tally