proftpd的各用户如何限制ip的访问

由 silver810212 在 10-14-2004 10:06 发表:

proftpd的各用户如何限制ip的访问

debian woody+proftpd

用户1:所有ip均可访问

用户2:仅限192.168..,202.200.*.*访问。

请问如何实现?


生命不息,学习不止!

你帮助我,我也帮助你。

MSN:[email protected]


由 faint 在 10-14-2004 13:57 发表:


 1<limit login="">   
 2  
 3Order allow,deny   
 4  
 5Deny from ip1/mask2   
 6  
 7Deny from ip2/mask2   
 8  
 9Deny from all   
10  
11</limit>

由 silver810212 在 10-15-2004 16:06 发表:


> quote: > > * * * > > 最初由 faint 发表
>
> **

 1<limit login="">   
 2&gt;    
 3&gt;  Order allow,deny   
 4&gt;    
 5&gt;  Deny from ip1/mask2   
 6&gt;    
 7&gt;  Deny from ip2/mask2   
 8&gt;    
 9&gt;  Deny from all   
10&gt;    
11&gt;  </limit>

** > > * * *

有点问题吧?

应该是这样吧?

 1<limit login="">   
 2  
 3Order allow,deny   
 4  
 5Allow from all   
 6  
 7Deny from ip1/mask2   
 8  
 9Deny from ip2/mask2   
10  
11</limit>

如果要实现我要求的那个功能应该是这样吧:

1<directory home="" usr1="">
2<limit login="">   
3  
4Order allow,deny   
5  
6Allow from all   
7  
8</limit>
9</directory>
 1<directory home="" usr2="">
 2<limit login="">   
 3  
 4Order allow,deny   
 5  
 6Allow from all   
 7  
 8Deny from ip1/mask2   
 9  
10Deny from ip2/mask2   
11  
12</limit>
13</directory>

生命不息,学习不止!

你帮助我,我也帮助你。

MSN:[email protected]


由 silver810212 在 11-02-2004 14:08 发表:


> > 源码: >
> * * * >
>
> > > # This is a basic ProFTPD configuration file (rename it to
> > > # 'proftpd.conf' for actual use. It establishes a single server
> > > # and a single anonymous login. It assumes that you have a user/group
> > > # "nobody" and "ftp" for normal operation and anon.
> > >
> > > ServerName "Bupticet's FTP server,powered by Proftpd on Debian linux"
> > > ServerIdent On "Bupticet's FTP server,powered by Proftpd on Debian linux"
> > > ServerType standalone
> > > DeferWelcome off
> > > #ServerIdent Off
> > >
> > > ShowSymlinks on
> > > MultilineRFC2228 on
> > > DefaultServer on
> > > ShowSymlinks on
> > > AllowOverwrite on
> > > RequireValidShell off
> > > AllowForeignAddress on
> > > #PassivePorts 20000 30000
> > >
> > > TimeoutNoTransfer 600
> > > TimeoutStalled 600
> > > TimeoutIdle 120
> > >
> > > MaxInstances 250
> > > DisplayLogin welcome.msg
> > > DisplayFirstChdir .message
> > > LsDefaultOptions "-l"
> > >
> > > DenyFilter *.*/
> > >
> > > # Uncomment this if you are using NIS or LDAP to retrieve passwords:
> > > #PersistentPasswd off
> > >
> > > # Port 21 is the standard FTP port.
> > > Port 21
> > >
> > > # To prevent DoS attacks, set the maximum number of child processes
> > > # to 30. If you need to allow more than 30 concurrent connections
> > > # at once, simply increase this value. Note that this ONLY works
> > > # in standalone mode, in inetd mode you should use an inetd server
> > > # that allows you to limit maximum number of processes per service
> > > # (such as xinetd)
> > > MaxInstances 30
> > > MaxClientsPerHost 5
> > >
> > > # Set the user and group that the server normally runs at.
> > > User nobody
> > > Group nogroup
> > > DefaultRoot ~
> > > # Normally, we want files to be overwriteable.
> > >
> > >

 1<directory "="" *"="" home="" silver="">  
 2&gt;     &gt; 
 3&gt;     <limit login="">  
 4&gt;     &gt; 
 5&gt;     Order deny,allow  
 6&gt;     &gt; 
 7&gt;     Allow from 0.0.0.0/0.0.0.0  
 8&gt;     &gt; 
 9&gt;     </limit>  
10&gt;     &gt; 
11&gt;     </directory>

> > >
> > >

 1<directory "="" *"="" home="" resin="">  
 2&gt;     &gt; 
 3&gt;     <limit login="">  
 4&gt;     &gt; 
 5&gt;     Order deny,allow  
 6&gt;     &gt; 
 7&gt;     Deny from 0.0.0.0/0.0.0.0  
 8&gt;     &gt; 
 9&gt;     Allow from 202.204.15.0/255.255.255.0  
10&gt;     &gt; 
11&gt;     Allow from 202.204.14.0/255.255.255.0  
12&gt;     &gt; 
13&gt;     Allow from 192.168.199.0/255.255.255.0  
14&gt;     &gt; 
15&gt;     Allow from 192.168.200.0/255.255.255.0  
16&gt;     &gt; 
17&gt;     </limit>  
18&gt;     &gt; 
19&gt;     </directory>

> > >
> > >

1<directory *="">  
2&gt;     &gt; 
3&gt;       Umask                         022  022  
4&gt;     &gt; 
5&gt;       AllowOverwrite                on  
6&gt;     &gt; 
7&gt;     </directory>

> > >
> > > # A basic anonymous configuration, no upload directories.
> > >
> > > ##

 1<anonymous ~ftp="">  
 2&gt;     &gt; 
 3&gt;     ##   User                               ftp  
 4&gt;     &gt; 
 5&gt;     ##   Group                              nogroup  
 6&gt;     &gt; 
 7&gt;     ##   # We want clients to be able to login with "anonymous" as well as "ftp"  
 8&gt;     &gt; 
 9&gt;     ##   UserAlias                  anonymous ftp  
10&gt;     &gt; 
11&gt;     ##  
12&gt;     &gt; 
13&gt;     ##   RequireValidShell          off  
14&gt;     &gt; 
15&gt;     ##  
16&gt;     &gt; 
17&gt;     ##   # Limit the maximum number of anonymous logins  
18&gt;     &gt; 
19&gt;     ##   MaxClients                 10  
20&gt;     &gt; 
21&gt;     ##  
22&gt;     &gt; 
23&gt;     ##   # We want 'welcome.msg' displayed at login, and '.message' displayed  
24&gt;     &gt; 
25&gt;     ##   # in each newly chdired directory.  
26&gt;     &gt; 
27&gt;     ##   DisplayLogin                       welcome.msg  
28&gt;     &gt; 
29&gt;     ##   DisplayFirstChdir          .message  
30&gt;     &gt; 
31&gt;     ##  
32&gt;     &gt; 
33&gt;     ##   # Limit WRITE everywhere in the anonymous chroot  
34&gt;     &gt; 
35&gt;     ##   <directory *="">  
36&gt;     &gt; 
37&gt;     ##     <limit write="">  
38&gt;     &gt; 
39&gt;     ##       DenyAll  
40&gt;     &gt; 
41&gt;     ##     </limit>  
42&gt;     &gt; 
43&gt;     ##   </directory>  
44&gt;     &gt; 
45&gt;     ##  
46&gt;     &gt; 
47&gt;     ##   # Uncomment this if you're brave.  
48&gt;     &gt; 
49&gt;     ##   # <directory incoming="">  
50&gt;     &gt; 
51&gt;     ##   #   # Umask 022 is a good standard umask to prevent new files and dirs  
52&gt;     &gt; 
53&gt;     ##   #   # (second parm) from being group and world writable.  
54&gt;     &gt; 
55&gt;     ##   #   Umask                          022  022  
56&gt;     &gt; 
57&gt;     ##   #            <limit read="" write="">  
58&gt;     &gt; 
59&gt;     ##   #            DenyAll  
60&gt;     &gt; 
61&gt;     ##   #            </limit>  
62&gt;     &gt; 
63&gt;     ##   #            <limit stor="">  
64&gt;     &gt; 
65&gt;     ##   #            AllowAll  
66&gt;     &gt; 
67&gt;     #</limit></directory></anonymous>
Published At
Categories with 服务器类
Tagged with
comments powered by Disqus