proftpd/sme7/proftpd.conf

# This is the ProFTPD configuration file
# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $

ServerName                      "ProFTPD server"
ServerIdent                     on "FTP Server ready."
ServerAdmin                     root@localhost
ServerType                      standalone
#ServerType                     inetd
DefaultServer                   on
AccessGrantMsg                  "User %u logged in."
#DisplayConnect                 /etc/ftpissue
#DisplayLogin                   /etc/ftpmotd
#DisplayGoAway                  /etc/ftpgoaway
DeferWelcome                    off

# Use this to excude users from the chroot
DefaultRoot                     ~ !adm

# Use pam to authenticate (default) and be authoritative
AuthPAMConfig                   proftpd
AuthOrder                       mod_auth_pam.c* mod_auth_unix.c

# Do not perform ident nor DNS lookups (hangs when the port is filtered)
IdentLookups                    off
UseReverseDNS                   off

# Port 21 is the standard FTP port.
Port                            21

# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# Default to show dot files in directory listings
ListOptions                     "-a"

# See Configuration.html for these (here are the default values)
#MultilineRFC2228               off
#RootLogin                      off
#LoginPasswordPrompt            on
#MaxLoginAttempts               3
#MaxClientsPerHost              none
#AllowForeignAddress            off     # For FXP

# Allow to resume not only the downloads but the uploads too
AllowRetrieveRestart            on
AllowStoreRestart               on

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    20

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nobody

# Disable sendfile by default since it breaks displaying the download speeds in
# ftptop and ftpwho
UseSendfile                     no

# This is where we want to put the pid file
ScoreboardFile                  /var/run/proftpd.score

# Normally, we want users to do a few things.
<Global>
  AllowOverwrite                yes
  <Limit ALL SITE_CHMOD>
    AllowAll
  </Limit>
</Global>

# Define the log formats
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"

# TLS
# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
#TLSEngine                      on
#TLSRequired                    on
#TLSRSACertificateFile          /etc/pki/tls/certs/proftpd.pem
#TLSRSACertificateKeyFile       /etc/pki/tls/certs/proftpd.pem
#TLSCipherSuite                 ALL:!ADH:!DES
#TLSOptions                     NoCertRequest
#TLSVerifyClient                off
##TLSRenegotiate                ctrl 3600 data 512000 required off timeout 300
#TLSLog                         /var/log/proftpd/tls.log

# SQL authentication Dynamic Shared Object (DSO) loading
# See README.DSO and howto/DSO.html for more details.
#<IfModule mod_dso.c>
#   LoadModule mod_sql.c
#   LoadModule mod_sql_mysql.c
#   LoadModule mod_sql_postgres.c
#</IfModule>

# A basic anonymous configuration, with an upload directory.
#<Anonymous ~ftp>
#  User                         ftp
#  Group                                ftp
#  AccessGrantMsg               "Anonymous login ok, restrictions apply."
#
#  # We want clients to be able to login with "anonymous" as well as "ftp"
#  UserAlias                    anonymous ftp
#
#  # Limit the maximum number of anonymous logins
#  MaxClients                   10 "Sorry, max %m users -- try again later"
#
#  # Put the user into /pub right after login
#  #DefaultChdir                        /pub
#
#  # We want 'welcome.msg' displayed at login, '.message' displayed in
#  # each newly chdired directory and tell users to read README* files. 
#  DisplayLogin                 /welcome.msg
#  DisplayFirstChdir            .message
#  DisplayReadme                        README*
#
#  # Some more cosmetic and not vital stuff
#  DirFakeUser                  on ftp
#  DirFakeGroup                 on ftp
#
#  # Limit WRITE everywhere in the anonymous chroot
#  <Limit WRITE SITE_CHMOD>
#    DenyAll
#  </Limit>
#
#  # An upload directory that allows storing files but not retrieving
#  # or creating directories.
#  <Directory uploads/*>
#    AllowOverwrite             no
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>
#
#  # Don't write anonymous accesses to the system wtmp file (good idea!)
#  WtmpLog                      off
#
#  # Logging for the anonymous transfers
#  ExtendedLog          /var/log/proftpd/access.log WRITE,READ default
#  ExtendedLog          /var/log/proftpd/auth.log AUTH auth
#
#</Anonymous>

1	# This is the ProFTPD configuration file
2	# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
3
4	ServerName "ProFTPD server"
5	ServerIdent on "FTP Server ready."
6	ServerAdmin root@localhost
7	ServerType standalone
8	#ServerType inetd
9	DefaultServer on
10	AccessGrantMsg "User %u logged in."
11	#DisplayConnect /etc/ftpissue
12	#DisplayLogin /etc/ftpmotd
13	#DisplayGoAway /etc/ftpgoaway
14	DeferWelcome off
15
16	# Use this to excude users from the chroot
17	DefaultRoot ~ !adm
18
19	# Use pam to authenticate (default) and be authoritative
20	AuthPAMConfig proftpd
21	AuthOrder mod_auth_pam.c* mod_auth_unix.c
22
23	# Do not perform ident nor DNS lookups (hangs when the port is filtered)
24	IdentLookups off
25	UseReverseDNS off
26
27	# Port 21 is the standard FTP port.
28	Port 21
29
30	# Umask 022 is a good standard umask to prevent new dirs and files
31	# from being group and world writable.
32	Umask 022
33
34	# Default to show dot files in directory listings
35	ListOptions "-a"
36
37	# See Configuration.html for these (here are the default values)
38	#MultilineRFC2228 off
39	#RootLogin off
40	#LoginPasswordPrompt on
41	#MaxLoginAttempts 3
42	#MaxClientsPerHost none
43	#AllowForeignAddress off # For FXP
44
45	# Allow to resume not only the downloads but the uploads too
46	AllowRetrieveRestart on
47	AllowStoreRestart on
48
49	# To prevent DoS attacks, set the maximum number of child processes
50	# to 30. If you need to allow more than 30 concurrent connections
51	# at once, simply increase this value. Note that this ONLY works
52	# in standalone mode, in inetd mode you should use an inetd server
53	# that allows you to limit maximum number of processes per service
54	# (such as xinetd)
55	MaxInstances 20
56
57	# Set the user and group that the server normally runs at.
58	User nobody
59	Group nobody
60
61	# Disable sendfile by default since it breaks displaying the download speeds in
62	# ftptop and ftpwho
63	UseSendfile no
64
65	# This is where we want to put the pid file
66	ScoreboardFile /var/run/proftpd.score
67
68	# Normally, we want users to do a few things.
69	<Global>
70	AllowOverwrite yes
71	<Limit ALL SITE_CHMOD>
72	AllowAll
73	</Limit>
74	</Global>
75
76	# Define the log formats
77	LogFormat default "%h %l %u %t \"%r\" %s %b"
78	LogFormat auth "%v [%P] %h %t \"%r\" %s"
79
80	# TLS
81	# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
82	#TLSEngine on
83	#TLSRequired on
84	#TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
85	#TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
86	#TLSCipherSuite ALL:!ADH:!DES
87	#TLSOptions NoCertRequest
88	#TLSVerifyClient off
89	##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
90	#TLSLog /var/log/proftpd/tls.log
91
92	# SQL authentication Dynamic Shared Object (DSO) loading
93	# See README.DSO and howto/DSO.html for more details.
94	#<IfModule mod_dso.c>
95	# LoadModule mod_sql.c
96	# LoadModule mod_sql_mysql.c
97	# LoadModule mod_sql_postgres.c
98	#</IfModule>
99
100	# A basic anonymous configuration, with an upload directory.
101	#<Anonymous ~ftp>
102	# User ftp
103	# Group ftp
104	# AccessGrantMsg "Anonymous login ok, restrictions apply."
105	#
106	# # We want clients to be able to login with "anonymous" as well as "ftp"
107	# UserAlias anonymous ftp
108	#
109	# # Limit the maximum number of anonymous logins
110	# MaxClients 10 "Sorry, max %m users -- try again later"
111	#
112	# # Put the user into /pub right after login
113	# #DefaultChdir /pub
114	#
115	# # We want 'welcome.msg' displayed at login, '.message' displayed in
116	# # each newly chdired directory and tell users to read README* files.
117	# DisplayLogin /welcome.msg
118	# DisplayFirstChdir .message
119	# DisplayReadme README*
120	#
121	# # Some more cosmetic and not vital stuff
122	# DirFakeUser on ftp
123	# DirFakeGroup on ftp
124	#
125	# # Limit WRITE everywhere in the anonymous chroot
126	# <Limit WRITE SITE_CHMOD>
127	# DenyAll
128	# </Limit>
129	#
130	# # An upload directory that allows storing files but not retrieving
131	# # or creating directories.
132	# <Directory uploads/*>
133	# AllowOverwrite no
134	# <Limit READ>
135	# DenyAll
136	# </Limit>
137	#
138	# <Limit STOR>
139	# AllowAll
140	# </Limit>
141	# </Directory>
142	#
143	# # Don't write anonymous accesses to the system wtmp file (good idea!)
144	# WtmpLog off
145	#
146	# # Logging for the anonymous transfers
147	# ExtendedLog /var/log/proftpd/access.log WRITE,READ default
148	# ExtendedLog /var/log/proftpd/auth.log AUTH auth
149	#
150	#</Anonymous>
151