########################### # pure-ftpd.conf ########################### Bind                                 21(ftp监听端口) ChrootEveryone              yes BrokenClientsCompatibility  no MaxClientsNumber            50 Daemonize                   yes MaxClientsPerIP             8 VerboseLog                  no DisplayDotFiles             yes AnonymousOnly               no NoAnonymous                 yes SyslogFacility              ftp DontResolve                 yes MaxIdleTime                 15 LimitRecursion              10000 8 AnonymousCanCreateDirs      no MaxLoad                     5 AntiWarez                   yes Umask                       133:022 MinUID                      100 AllowUserFXP                no AllowAnonymousFXP           no ProhibitDotFilesWrite       no ProhibitDotFilesRead        no AutoRename                  no AnonymousCantUpload         no MaxDiskUsage               99 CustomerProof              yes AllowOverwrite  on AllowStoreRestart on UnixAuthentication          yes PassivePortRange            30000 30500 (此处如果设置的太少会导致用户连接时连接数太少) MySQLConfigFile             /etc/pureftpd-mysql.conf ########################### # pureftpd-mysql.conf ########################### MYSQLSocket     /tmp/mysql.sock MYSQLServer     localhost MYSQLPort       3306 MYSQLUser       sa MYSQLPassword   123456 MYSQLDatabase   pureftpd MYSQLCrypt      md5 MYSQLGetPW      SELECT password FROM pure_ftp WHERE user='\L' AND status="0" MYSQLGetUID     SELECT uid FROM pure_ftp WHERE user='\L' AND status="0" MYSQLGetGID     SELECT gid FROM pure_ftp WHERE user='\L' AND status="0" MYSQLGetDir     SELECT dir FROM pure_ftp WHERE user='\L' AND status="0" MySQLGetQTAFS   SELECT quotafiles FROM pure_ftp WHERE user='\L' AND status="0" MySQLGetQTASZ   SELECT quotasize FROM pure_ftp WHERE user='\L' AND status="0" MySQLGetBandwidthUL SELECT ulbandwidth FROM pure_ftp WHERE user='\L' AND status="0" MySQLGetBandwidthDL SELECT dlbandwidth FROM pure_ftp WHERE user='\L' AND status="0" ############################## iptables配置信息 ############################## [root@10isp.com~]# cat /etc/sysconfig/iptables *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [272:211858] :RH-Firewall-1-INPUT - [0:0] -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 30000:30500 -j ACCEPT -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p esp -j ACCEPT -A RH-Firewall-1-INPUT -p ah -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT