Some tips on installing and configuring ProFTPD (on FreeBSD)



?? ????? ?????, ????? ???????? ? ????????? FTP Server'a. ??? ???? ??? ?????? ??? ???????? ???? proftpd ? ????? ??? ????? ???????. ??? ??? ???????????? ????????????, ??? ???? ??? ??????? ??????? ? ???????? ftp server ? ????? ????????? ????.
? ???? ????????????? ??? ?????? ????????? ???????? ???: ??? ???????????? ????????? ???? ????? RW ? incoming ? ?????? RO ? ????????? ??????????. ? ?? ??? ????? ?????????? ???????????? ?? ??????? ?????? ???????? ??????? ?? ?????? ? ????? ????? ????, ?????? ???????? ??????????? ?????? ???? ??? homedir. ???? ?? ?????? ??? ???????? ftp ?? ??????? ?? ????????(security) :(
? ??? ????????? ???? ????????? ?????? proftpd ? ????????? ?????.
?????????????. ????????. ????????.
?????? ????? ????????? ? ?????? standalone(??????????), ??? ????????????? TCP-wrapper'??? (inetd xinetd ? ??) ???? ? ??? ???? ???? ?????.
? ??? ?????? ????? ? ??????? ($prefix/etc/proftpd.conf):

root@ftp:/usr/local/proftpd/etc# egrep -v '#|^ *$' proftpd.conf

ServerName "ftp.mydomain.ru"
ServerAdmin "Administrator@mydomain.ru"
ServerIdent on "My FTP Server"
ServerType standalone
Umask 022
Port 21
User nobody
Group nogroup

<Limit LOGIN>
AllowUser user1
AllowUser user2
DenyAll
</Limit>

<Anonymous /home/ftp>
User ftp
Group wheel
UserAlias anonymous ftp
UserAlias guest ftp
MaxClients 50
DisplayLogin welcome.msg
DisplayFirstChdir .message

<Limit LOGIN>

Order Allow,Deny
Allow from 192.168., <other good IPs>
Deny from all
</Limit>

<Directory *>
AllowOverwrite on
<Limit READ>
AllowAll
</Limit>
<Limit WRITE STOR>
Order Allow,Deny
Allow from <administrator's_ip_addr>
Deny from all
</Limit>
</Directory>

<Directory incoming>
<Limit READ WRITE STOR>
AllowAll
</Limit>
</Directory>

</Anonymous>

<Global>

AllowChmod on
DefaultRoot ~
DefaultChdir ~

<Directory ~/*>
<Limit All>
AllowAll
</Limit>
</Directory>
</Global>
root@ftp:/usr/local/proftpd/etc#

? ??? ?? ??? ??? ?????????
???????????? ?????????? ?? ??????? ????? ????? ??? ?? ?? ???????? ?????.

? ?????? ??????? Limit LOGIN, ???? ?? ?????? ???????????? ????: ftp, anonymous ? guest. ??? ??????? ??????????? ?? ????????????? ???????? ????.

service ftp
{
log_type = FILE /var/log/ftp.log
socket_type= stream
wait = no
user = root (?? ??? ??? ???)
server = /usr/sbin/proftpd
server_args = .....
only_from = IP1 IP2
log_on_success = PID HOST DURATION
log_on_failure = HOST USERID
access_times = 9:00-21:00
}

brain.msk.ru
-------------------------------------
Some tips on installing and configuring ProFTPD (on FreeBSD):


1. ?????? ??????????????, ?????? ??? ?????????? ?????-?????? ???????,
????????? ???. ? ?????? proftpd, ???? ?????? ???? ??????????
?????????? ????? ftpd, ???? ??????? ???????????? ????????? ????, ?????
????? ??????, ???????? ???? 8041:
Port 0
Bind 159.93.17.121
SocketBindTight on
Port 8041
* Port 0 - ????? ?? ????????????? 21'??? ????? ? ????? ? ???????
???????????
* Bind 159.93.17.121 - ???????? ?? ?????????? ip
* SocketBindTight on - ????????? ?????????? ?? ???????? by-default
????? 21
* Port 8041 - ????????? ????, ??????? ????? ??????? proftpd

2. ? ??????????? ????? ??????? ProFTPD (?????? ??????????) ??????
?????????:
* mod_auth - ?????????? ????? ?????? ???: USER, PASS, ACCT, REIN
* mod_core - ?????????? ?????? FTP: CWD, CDUP, MKD, PWD, RMD,
DELE...
* mod_log - ?????????? ????? ??????????, syslog
* mod_ls - ?????????? ?????????? ?????? FTP: LIST, NLST ? STAT
* mod_site - ?????????? ?????????? ?????? FTP: SITE, HELP ? CHMOD
* mod_unixpw - ????????? ? password-auth OS Unix
* mod_xfer - ?????????? ?????? FTP: STOR, RETR, APPE, REST...

?????? PAM ???????????? ? ??? ??????, ???? ??????? ????? ?????????
pam:
* mod_pam - ????????? ? ??????? ??????????? PAM (Pluggable
Authentication Modules)

?????? ??? ??????????? ????? readme - ????????? "DisplayReadme"
* mod_readme

3. ?????????????? ??????:
* mod_linuxprivs - ?????????? ?????????????? ????? security POSIX
1e, ?????? ??? Linux
* mod_quota - ???????? ?????
* mod_ratio - ??????? ?????????? ???????????? upload/download
* mod_wrap - ????????????? ??????? ? ?????? ??????????? tcp-wrappers

?????????????? ?????? ???????????, ????????? ?? ?????? DB:
* mod_ldap
* mod_sql
* mod_sql_mysql
* mod_sql_postgres

4. ? ProFTPD ??????????? ?????????? chroot ?? ? ?????? ?????? ?????
???????, ? ???? ????????, ?? ????????? ??? ? ???????? ????????
?????????? ??????? ?????????? ????????? ???????????? ???
ftp/anonymous.
?????? ?????????? ????????? ????????? ????? proftpd ??? ????????? ?
??????????, ????????? User ? Group, ????????????? ? ??? uid/gid. ?
????? ???????? "???????? ??????????" ? ??????? ????????:
* DefaultRoot - ? ???????????? server config, <VirtualHost>, <Global>
* <Anonymous root-directory> - ? ???????????? server config,,

??? ? ???????, ?? ????? ??"chroot"??? ???? ????????? ?????????????
?????? ? ???????????? ????????? ?????:
DefaultRoot ~

5. ???? ? ??? ???????? ???????? ? ???????????? anonymous ??? ?????????
?????????????, ? ?????? ???????? User ? Group, ????????? ????? ???
???????????? ?? ?????????????? ? ftpusers ??? ????????? ????????????
????? ???????????? PAM ? ???????????? ? ?????????????? ?? ????????????
ProFTPD ??? ????????????? PAM. ???? ProFTPD ?????? ? ?????????? pam,
??? ????????, ????????? ??? ? ????????????:
AuthPAM off
AuthPAMAuthoritative off

?????????? ????? ????????? AuthPAM off. ????? ?????????????? ?????? ?
pam ???????????? ? ??????? ????????? AuthPAMConfig.

??????????: ??????? ??????????? ????????????, ??? ?????????? ???
???????????????? pamconfig ? proftpd-sources/modules/mod_pam.c:
static char * pamconfig = "ftp";

?????? ??????????????? ???????????? PAM ??? ProFTPD ? /etc/pam.conf
??? /etc/pam.d - ????? ??????????? ftp by default, ? ???????? ??
???????? ????? ? ??????? AuthPAMConfig.

???????? ftpusers ????? ????????? ?????????? UseFtpUsers off.
????????????? ??? ????????????? ????? ??? anonymous ??? ftp,
?????????????? ???????????:
AnonRequirePassword off (???????? ??-?????????)
RequireValidShell off
UserAlias anonymous ftp

?????? ????? ??????? ?????????????? ????????? ?????? <Anonymous ~ftp>
???????? User ? Group ? ???????? uid/gid ?????????? ~ftp ? ??
???????????.
????? ???? ?? ???????? ????????? ?? ??????????? ?? ? ?????????????
server ? global:
<Limit LOGIN>
DenyAll
</Limit>

???? ???????????, ?? ? ????????? <Anonymous> ????????:
<Limit LOGIN>
Order Allow,Deny
Allow from ip-address1,...
Deny from all
</Limit>

???
<Limit LOGIN>
AllowAll
</Limit>

6. ????? ????????????? ??????? ???????? ??? ???????? ????? proftpd
???????? "ls */../*/../*/...", ???????? ????????? ??????? DenyFilter
*.*/. ????? ???????????? ??? ????????? ??? ?????????????? ??????????.
????????:
DenyFilter \*.*/

7. ???? ???????????? ???????? ?? ?????????? ??????????? - ???? ?? ftp,
?????????????? ?????????? UseReverseDNS off, ????????????? ? ??? ?????
???????????? ????????? IdentLookups off.
????????:
UseReverseDNS off

???
UseReverseDNS off
IdentLookups off

8. ?????????? ?????? ????????? ProFTPD ?? FreeBSD:

?????? ???????, ??????? proftpd ?? ?????? ???????:
cd /usr/ports/ftp/proftpd
make
make install
rm -rf work

???? ?? ????? ??????? proftpd ? ??????? ??? ????????, ??????????
?????????? Makefile ? ??? ?????????????, ????????? ??? ???? ?????.
?????? ?????? ??? ????????? PAM:
cd /usr/ports/ftp/proftpd
make WITHOUT_PAM=yes
make install
rm -rf work

????? ??????????????? ???? ????????????

/usr/local/etc/proftpd.conf
??? ???? ?????.

???????? ? ??? ??????? ???????????? ftp ? uid=ftp ? gid=operator, ?
????????? ????? proftpd ?? ????? ? USER nobody ? Group nogroup, ?????,
???????? ???????? ??????? ? ?????? Anonymous USER ftp ? Group operator
(??-????????? ?? FreeBSD ???????????? ftp ????? uid=ftp,
gid=operator).

?????????????? ??????? ?? ????? /etc/ftpusers ????????????? ? ???????
nobody, ftp. ???, ??? ??????? ???????? uid/gid ???????????? ftp ??
uid=ftp ? gid=ftp, ?? ????? ??????? ?????? ftp ? ???????? ?????????
?????? ? ?????????? ~ftp.

?????? ??????? ???????????? ProFTPD 1.2.4 ? FreeBSD:
??????????: ????? ???????? ??? nobody ?? ????? 8041, ? ??????
Anonymous ~ftp, uid=ftp, gid=operator, ???????? ??????????
????????????? ???????? ?????? DefaultRoot ~.
* ???? ???????????? proftpd

9. ???????? ???????????? ?????????? ???????????? ? ?????? ProFTPD. ???
???????? ???????????? ????? ????????????, ?????????? ????????? ?????
?? ?????????? ???????:
./proftpd -t

??? ??????????? ? ?????????? ????? ??????? ?????? ??? ??????? proftpd,
?????????? ????????? ????? ? ???????:
./proftpd -l

??? ??????? ?????? ? ???????? ??????, ? ??????? ??????????? ?? ?????:
./proftpd -n -d 9 -c /path/proftpd.conf

??? -n - ????????? ??? ?? ????????? ????? ? ?????? foreground
-d 9 - ????????? ??? ? ?????????? ?????? ? ???????????? ???????
??????? 9.
-c /path/proftpd.conf - ????????? ???????? ???? ????????????.
_________________________________________________________________

Copyleft Andrey Lavrentyev

_________________________________________________________________

?????? ????????????:


# This sample configuration file illustrates configuring two
# anonymous directories, and a guest (same thing as anonymous but
# requires a valid password to login)

ServerName "ProFTPD Server"
ServerType standalone

# Port 21 is the standard FTP port.
Port 1021

# If you don't want normal users logging in at all, uncomment this
# next section
#<Limit LOGIN>
# DenyAll
#</Limit>

# Set the user and group that the server normally runs at.
#User root
#Group wheel
User nobody
Group nogroup

#--lavr/pam
#AuthPAMAuthoritative on
#PersistentPasswd on
#AuthPAM off
#AuthPAMConfig ftp

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 10

# Set the maximum number of seconds a data connection is allowed
# to "stall" before being aborted.
TimeoutStalled 300

# We want 'welcome.msg' displayed at login, and '.message' displayed
# in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message

#
# Logging options
#
TransferLog /var/log/proftpd/xferlog
#
# Some logging formats
#
LogFormat default "%h %l %u %t \"%r\" %s %b"
#LogFormat auth "%v [%P] %h %t \"%r\" %s"
#LogFormat write "%h %l %u %t \"%r\" %s %b"

# Our "basic" anonymous configuration, including a single
# upload directory ("uploads")
#<Anonymous ~ftp>

<VirtualHost 159.93.17.121>

<Anonymous ~ftp>

#--lavr; this msg for <VirtualHost>, <Anonymous>, <Global>
AccessGrantMsg "Anonymous access granted for %u."

# User nobody
# Group nogroup

User ftp
Group operator

#--lavr don't check /etc/shells & ftp-shell
RequireValidShell off

#--lavr: AnonRequirePassword off for <Anonymous>, default=off
AnonRequirePassword off

#--lavr: AllowRetrieveRestart on [default] for <VirtualHost>, <Anonymous>, <Directory>

#--lavr: AnonRatio foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess

#--lavr: Bind address for server config, <VirtualHost>
#--lavr: ByteRatioErrMsg foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#--lavr: Class "name" limit|regex|ip value for server config, <VirtualHost>
# see example:
#Classes on
#Class local limit 100
#Class default limit 10
#Class local regex .*foo.com
#Class local ip 172.16.1.0/24
#
#--lavr: Classes on|off for server config, <VirtualHost>
#
#--lavr: DefaultQuota foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#
#--lavr: DefaultRoot directory [group-expression] for server config, <VirtualHost>, <Global>
#--lavr: DefaultServer on|off for server config,<VirtualHost>
#
#--lavr: DeferWelcome on|off for server config, <VirtualHost>, <Global>
#
#--lavr: Deny ["from"] "all"|"none"|host|network[,host|network[,...]]
# for <Limit>
#
#--lavr: DenyAll for <Directory>, <Anonymous>, <Limit>
#
#--lavr: DisplayConnect filename - when connect
#
#--lavr: DisplayGoAway filename - when limit or deny
#%T Current Time
#%F Available space on file system
#%C Current working directory
#%R Remote host name
#%L Local host name
#%u Username reported by ident protocol
#%U Username originally used in login
#%M Max number of connections
#%N Current number of connections
#%E Server admin's e-mail address
#%x The name of the user's class
#%y Current number of connections from the user's class
#%z Max number of connections from the user's class
#
#--lavr: DisplayLogin filename for server config, <VirtualHost>, <Anonymous>
#
#--lavr: DisplayQuit filename for server config, <VirtualHost>, <Anonymous>
#
#--lavr: DisplayReadme filename or pattern for server config, <VirtualHost>, <Anonymous>
#
#--lavr: ExtendedLog filename [[command-classes] format-nickname] for
# server config, <VirtualHost>, <Anonymous>
# classes: NONE=No commands; AUTH=Authentication commands (USER, PASS)
# INFO=Informational commands (PWD, SYST, etc)
# DIRS=Directory commands (LIST, CWD, MKD, etc)
# READ=File reading (RETR)
# WRITE=File/directory writing or creation
# MISC=Miscellaneous commands (SITE, etc)
# ALL=default
#
#--lavr: FileRatioErrMsg foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#
#--lavr: HostRatio foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#
#--lavr: IdentLookups on|off for server config, <VirtualHost>, <Global>
# try to define remote-user name
#
#--lavr: <Limit command|command-group [command2 ..]> for
# server config, <VirtualHost>, <Directory>,<Anonymous>, <Global>, .ftpaccess
# command:
# CWD (Change Working Directory)
# MKD (MaKe Directory)
# RNFR (ReName FRom), RNTO (ReName TO)
# DELE (DELEte)
# RMD (ReMove Directory)
# RETR (RETRieve)
# STOR (STORe)
# additional command-group:
# READ;WRITE;DIRS;ALL;LOGIN
#
#--lavr: LeechRatioMsg foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#
#--lavr: LogFormat nickname "format-string"
# default: LogFormat default "%h %l %u %t \"%r\" %s %b"
#
#--lavr: LoginPasswordPrompt on|off for server config, <VirtualHost>, <Anonymous>,<Global>
#
#--lavr: MaxClients number|none [message] for server config, <Anonymous>, <VirtualHost>;<Global>
#
#--lavr: MaxClientsPerHost number|none [message]
# for server config, <Anonymous>, <VirtualHost>,<Global>
#
#--lavr: MaxInstances number - how many process-ftpd in standalone
#
#--lavr: MaxLoginAttempts number for server config, <VirtualHost>, <Global>
# how many attempts for login-authenticate
#
#--lavr: Order allow,deny|deny,allow for <Limit>
# examp: Order allow,deny:
# 1. Check Allow directives. If one or more apply, exit with result:
# ALLOW
# 2. Check Deny directives. If one or more apply, exit with result:
# DENY
# 3. Exit with default implicit ALLOW
# examp: Order deny,allow
# 1. Check Deny directives. If one or more apply, exit with result:
# DENY
# 2. Check Allow directives. If one or more apply, exit with result:
# ALLOW
# 3. Exit with default implicit: DENY
#
#--lavr: PersistentPasswd on|off see Guide
#
#--lavr: Port port-number for server config, <VirtualHost>
#
#--lavr: RateReadBPS byte_per_sec-number for server config, <VirtualHost>, <Anonymous>,<Directory>, <Global>
#
#--lavr: RateReadFreeBytes number of bytes for server config, <VirtualHost>, <Anonymous>,<Directory>, <Global>
#
#--lavr: RateReadHardBPS on/off for server config, <VirtualHost>, <Anonymous>,<Directory>, <Global>
#
#--lavr: RatioFile foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#
#--lavr: Ratios foo1 foo2 foo3 for <Directory>, <Anonymous>, <Limit>,.ftpaccess
#
#--lavr: ServerIdent On|Off [identification string]
#
#--lavr: SocketBindTight on|off
#
#--lavr: SyslogFacility facility-level
# mode=AUTH[AUTHPRIV],CRON,DAEMON,KERN,LPR,MAIL,NEWS,USER,UUCP,LOCAL0,LOCAL1,LOCAL2,LOCAL3,LOCAL4,LOCAL5,LOCAL6,LOCAL7
#
#--lavr: SystemLog filename|NONE
#
#--lavr: TimeoutIdle seconds - default=600
#
#--lavr: TimeoutLogin seconds - default=300
#
#--lavr: TimeoutStalled seconds - default=0
#
#--lavr: TimeoutNoTransfer seconds - default=600
#
#--lavr: UseFtpUsers on|off - see /etc/ftpusers
#
#--lavr: UseReverseDNS on|off

# Allow logins if they are disabled above.
#--lavr: Allow ["from"] "all"|"none"|host|network[,host|network[,...]]
# see example, use in <Limit>
# <Limit LOGIN>
# Order Allow,Deny
# Allow from
# 128.44.26.,128.44.26.,myhost.mydomain.edu,.trusted-domain.org
# Deny from all
# </Limit>
#<Limit LOGIN>
#--lavr: AllowAll in <Directory>, <Anonymous>, <Limit>, .ftpaccess
# AllowAll
#</Limit>
<Limit LOGIN>
# Order allow,deny
# Allow from all
# Deny from .microsoft.com, .msn.com
AllowAll
</Limit>

# Maximum clients with message
MaxClients 10 "Sorry, max %m users -- try again later"

# User ftp
# Group ftp

# We want clients to be able to login with "anonymous" as well as "ftp"
UserAlias anonymous ftp

# Limit WRITE everywhere in the anonymous chroot
<Limit WRITE>
DenyAll
</Limit>

# An upload directory that allows storing files but not retrieving
# or creating directories.
<Directory incoming/moviez/incoming/*>

# Normally, we want files to be overwriteable.
AllowOverwrite on

Umask 000

<Limit READ DIRS>
AllowAll
</Limit>

<Limit STOR MKD RMD>
AllowAll
</Limit>
</Directory>

<Directory incoming/raid/*>

# Normally, we want files to be overwriteable.
AllowOverwrite on

Umask 000

<Limit READ>
DenyAll
</Limit>

<Limit STOR MKD RMD>
AllowAll
</Limit>
</Directory>

</Anonymous>
</VirtualHost>

Author: Andrey Lavrentyev (lavr@unix1.jinr.ru), unix1.jinr.ru/~lavr/
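
The `Order` evaluation steps listed in the configuration comments above, as an added example (not part of the original article and not ProFTPD code): a small Python model of `<Limit>` access rules, run against the rule sets that appear in the configs on this page. The function names and the sample client addresses are constructed, and the matching of address prefixes, domain suffixes and CIDR networks is a simplified assumption.

```python
import ipaddress


def acl_match(pattern, client_ip, client_host=None):
    """Match one Allow/Deny entry in the forms used by the configs on this page.

    Simplified model (assumption), not taken from ProFTPD source.
    client_host=None models a client whose name was not resolved.
    """
    p = pattern.strip().lower()
    host = (client_host or "").lower()
    if p == "all":
        return True
    if p == "none":
        return False
    if p.endswith("."):            # "192.168." -> address prefix
        return client_ip.startswith(p)
    if p.startswith("."):          # ".msn.com" -> DNS suffix, needs a resolved name
        return host.endswith(p)
    if "/" in p:                   # "172.16.1.0/24" -> CIDR network
        try:
            return ipaddress.ip_address(client_ip) in ipaddress.ip_network(p, strict=False)
        except ValueError:
            return False
    return p in (client_ip, host)  # exact address or exact host name


def evaluate(order, allow, deny, client_ip, client_host=None):
    """Return "ALLOW" or "DENY" using the three steps from the config comments."""
    allowed = any(acl_match(p, client_ip, client_host) for p in allow)
    denied = any(acl_match(p, client_ip, client_host) for p in deny)
    mode = order.replace(" ", "").lower()
    if mode == "allow,deny":
        if allowed:
            return "ALLOW"         # step 1: a matching Allow ends evaluation
        if denied:
            return "DENY"          # step 2
        return "ALLOW"             # step 3: implicit default
    if mode == "deny,allow":
        if denied:
            return "DENY"          # step 1: a matching Deny ends evaluation
        if allowed:
            return "ALLOW"         # step 2
        return "DENY"              # step 3: implicit default
    raise ValueError("unknown Order value: %r" % order)


if __name__ == "__main__":
    # Constructed clients: one inside 192.168., one outside with a resolved name.
    lan = ("192.168.1.5", None)
    ext = ("203.0.113.9", "gw.msn.com")
    # Anonymous LOGIN rule from the first config: Allow from 192.168. / Deny from all
    print(evaluate("Allow,Deny", ["192.168."], ["all"], *lan))
    print(evaluate("Allow,Deny", ["192.168."], ["all"], *ext))
    # Commented-out rule from the sample config: Allow from all / Deny from two domains
    blocked = [".microsoft.com", ".msn.com"]
    print(evaluate("allow,deny", ["all"], blocked, *ext))
    print(evaluate("deny,allow", ["all"], blocked, *ext))
```

Under `Order allow,deny`, the commented-out pair `Allow from all` / `Deny from .microsoft.com, .msn.com` never denies anyone, because step 1 already matches every client; the same lists under `Order deny,allow` do block the listed domains. Domain-suffix entries can only match when the client's host name is known, which matters if `UseReverseDNS off` is set.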
--------------------------------
???? ?????? ??? ???????, ????? ??????????? ? ProFTPd

www.proftpd.org (??????????)
??????????? ???? ?????????, ?? ??????? ????? ????? ???. (????, FAQ, ??????????, ????? ?????? ?????????). ???????, ?????? ??? ???, ??? ???? ??????? ?????? ? ??????????.

unix1.jinr.ru/~lavr/local/proftpd.html (???????)
???????? ????????????? ?? ????????? ProFTPD ? ?????? ???????????? ProFTPD-1.2.4 ??? FreeBSD

www.castaglia.org/proftpd/ (??????????)
??? ???? ?????????? ????. ????? ???????? ?????? ?? pfoftpd ? ?????? ?? ?????????? ??????? ????????? TJ Saunders

brain.msk.ru/proftpd_conf.html (???????)
????????????? ????????? proftpd

secnet.on.ufanet.ru/proj/fb2.html (???????)
?????? FTP: ProFTPd ? ??? ??? ???????????... (????????? ???????? 2001-03-08)

solaris.opennet.ru/base/net/proftpd.txt.html (???????)
OpenNET: ?????? - proftpd ? incoming ????????? ?????? ???? ??????? ????????? (ftp )

bsd.opennet.ru/base/net/adv_proftpd.txt.html (???????)
OpenNET: ?????? - ????????? ??????? ??? ????????? ? ????????? ProFTPD (ftp example virtual)

linuxland.itam.nsc.ru/noties/ProFTPd.html (???????)
ProFTPD in FreeBSD. ? ?????? ?????? ???? ?????? ? ????????? ??????????? FTP-?????? ProFTPD ??? FreeBSD

?? ??????? www.sysadmins.ru - ??? ??????? ????? ??? ????????? ???????????????, ? ?????? "UNIX" ? ?????? ????? ??????? proftpd - ?????? ?????? ? ????????? ? ???????? ?? ProFTPd

????? ????? ????? ?????? ?? ????? ProFTPd

proftpd.conf (???????)
??? ?????? ?????? ????? ??? FreeBSD 4.5

..... ??? ?????? ?? ??? ?????? ?? ???? ????, ?? ?? ?????? ??????????, ????? ?????? ??? ???????? ? ??????? ?? ?????? ? FTP ???????? ProFTPd. ?? ?????, ??????? ?? ?????? ????. ? ??? ???? ???, ??? ?????.

gross.unact.ru
============




