# -*- coding: utf-8; mode: python -*-
include("ip")
@#
@# Config geree par bcfg2
@#
@# /etc/proftpd.conf -- This is a basic ProFTPD configuration file.
@# To really apply changes reload proftpd after modifications.
@#
@
out('ServerName "%s"' % (hostname,))
@ServerType standalone
@DeferWelcome off
@
@MultilineRFC2228 on
@DefaultServer on
@ShowSymlinks on
@
@TimeoutNoTransfer 600
@TimeoutStalled 600
@TimeoutIdle 1200
@
@DisplayLogin welcome.msg
@DisplayChdir .message
@ListOptions "-l"
@
@DenyFilter \*.*/
@
@# Uncomment this if you are using NIS or LDAP to retrieve passwords:
@#PersistentPasswd off
@
@# Uncomment this if you would use TLS module:
@#TLSEngine on
@
@# Uncomment this if you would use quota module:
@#Quotas on
@
@# Uncomment this if you would use ratio module:
@#Ratios on
@
@# Port 21 is the standard FTP port.
@Port 21
@
@# To prevent DoS attacks, set the maximum number of child processes
@# to 30. If you need to allow more than 30 concurrent connections
@# at once, simply increase this value. Note that this ONLY works
@# in standalone mode, in inetd mode you should use an inetd server
@# that allows you to limit maximum number of processes per service
@# (such as xinetd)
@MaxInstances 10
@
@# Set the user and group that the server normally runs at.
@User nobody
@Group nogroup
@
@# Umask 022 is a good standard umask to prevent new files and dirs
@# (second parm) from being group and world writable.
@Umask 022 022
@# Normally, we want files to be overwriteable.
@AllowOverwrite on
@
@# Delay engine reduces impact of the so-called Timing Attack described in
@# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
@# It is on by default.
@#DelayEngine off
@
@# A basic anonymous configuration, no upload directories.
@
@# Que ftp
@
@ Order Allow,Deny
@ DenyAll
@ AllowUser ftp
@ Allow from tinybrother.adm.crans.org,littlebrother.adm.crans.org,bigbrother.adm.crans.org,hugebrother.adm.crans.org
@
@
@
@ User ftp
@ Group nogroup
@ RequireValidShell off
@