首页    新闻    下载    文档    论坛     最新漏洞    黑客教程    数据库    搜索    小榕软件实验室怀旧版    星际争霸WEB版    最新IP准确查询   
名称: 密码:      忘记密码  马上注册
操作系统 :: unix

wu-ftp管理脚本


http://www.gipsky.com/
  自己写的,可能有用,如果有问题,可以给我发站内短信



  注:test_client.sh可以根据自己的情况,如果与test_server.sh 不在同一台机器,



  需要调用autotelnet.sh



  -----------说明---------



  一、testftp_server.sh



  1、用法:



  Usage:



  ./testftp_server.sh {start|stop|restart|status|userconf|mini|limit|loginfails



  |view|access|message|guest|denyuser|denyhost}



  2、参数说明:



  start:



  改变配置文件,并启动FTP服务器;下一次系统启动时,会自动启动该服务。



  stop:



  改变配置文件,并停止FTP服务器;下一次系统启动时,不自动启动该服务。



  restart:



  重新启动FTP服务器。



  status:



  查看FTP服务器的运行状态(运行或停止)。



  userconf:



  为系统添加FTP用户,具体用法为:



  ./testftp_server.sh userconf username



  新添加的用户继承超级用户的密码。



  mini:



  最小化FTP服务器的配置文件,只留下FTP服务器正常运行所必须的配置项。



  limit:



  设置FTP服务器限制的各类用户的最大在线数目,具体用法为:



  ./testftp_server.sh limit user_count times



  user_count---为最大在线数目,脚本会根据FTP服务器的配置文件自动处理某类用户。



  times---times中的字符串用逗号隔开,每一个字串表示一天。星期一到星期日分别用



  Mo、Tu、We、Th、Fr、Sa和Su表示,周末也可以用Wk表示。



  表示时间的小时和分钟之间不要用冒号隔开。“-”用来表示范围。



  loginfails:



  设置用户最大的登录失败次数,具体用法为:



  ./testftp_server.sh loginfails failed_counts



  failed_counts---为用户最大的登录失败次数。



  view:



  查看FTP服务器的主配置文件的内容。



  access:



  设置FTP用户的存取权限,具体请查看使用脚本该功能的输出信息。



  message:



  设置FTP服务器显示的信息。



  guest:



  设置作为guest对待的用户,具体用法为:



  ./testftp_server.sh guest username



  denyuser:



  设置哪些用户不能登录FTP服务器,可以删除或者添加用户,用法:



  ./testftp_server.sh denyuser del/add username



  del/add---指明是从拒绝的用户列表中删除用户还是添加用户到拒绝的用户列表中。



  denyhost:



  指明哪些用户可以从哪些地址或拒绝哪些用户可以从哪些地址访问FTP服务器,用法:



  ./testftp_server.sh denyhost add/del allow/deny username hostname



  add---为添加一条规则到配置文件;如果用户名和主机名相同,则认为是同一条规则;



  del---为从配置文件删除一条规则;如果用户名和主机名相同,则认为是同一条规则;



  allow / deny---指明允许还是拒绝。



  username---为欲对其执行该规则的用户;



  hostname---为主机名。



  二、testftp_client.sh



  客户端脚本只测试服务器端的limit选项,即最大在线用户限制。用法:



  ./testftp_client.sh conn_count username password hostname



  其中:



  conn_count:



  与FTP服务器建立连接的数目,应该比FTP服务器的限制数目大;



  username:



  登录FTP服务器的用户名;



  password:



  登录FTP服务器的用户密码;



  hostname:



  FTP服务器的主机名或IP地址。



  --------------------------test_server.sh------------------------



  #!/bin/bash



  . /etc/rc.d/init.d/functions



  test -f /etc/ftpaccess



  if [ $? -ne 0 ] ; then



  echo -e " \007FTP Server congif file--/etc/ftpaccess not found !"



  echo " Please check the installion of the FTP Server !"



  exit 1



  else



  arg_count=$#



  fi



  class_defined(){



  if [ `grep -c ^class /etc/ftpaccess` -lt 1 ] ; then



  echo -e "\007Class define not found!"



  echo "Please run $0 mini or $0 mini real/aonoymous address first!"



  exit 1



  fi



  }



  start() {



  if [ -f /etc/xinetd.d/wu-ftpd ] ; then



  grep -v -E "disable|\}" /etc/xinetd.d/wu-ftpd >/etc/xinetd.d/wu-ftpd.tmp



  echo -e "\tdisable\t\t\t= no\n}" >> /etc/xinetd.d/wu-ftpd.tmp



  mv -f /etc/xinetd.d/wu-ftpd.tmp /etc/xinetd.d/wu-ftpd



  /etc/rc.d/init.d/xinetd restart > /dev/null 2>&1



  #Check Result



  if [ `/usr/bin/nmap -p21-21 localhost |grep -c ftp` -eq 1 ] ; then



  echo "Start FTP SERVER Succeed!"



  else



  echo "Start FTP SERVER Failed!"



  fi



  fi



  }



  stop() {



  if [ -f /etc/xinetd.d/wu-ftpd ] ; then



  grep -v -E "disable|\}" /etc/xinetd.d/wu-ftpd >/etc/xinetd.d/wu-ftpd.tmp



  echo -e "\tdisable\t\t\t= yes\n}" >> /etc/xinetd.d/wu-ftpd.tmp



  mv -f /etc/xinetd.d/wu-ftpd.tmp /etc/xinetd.d/wu-ftpd



  /etc/rc.d/init.d/xinetd restart > /dev/null 2>&1



  #Check Result



  if [ `/usr/bin/nmap -p21-21 localhost |grep -c ftp` -eq 0 ] ; then



  echo "Stop FTP SERVER Succeed!"



  else



  echo "Stop FTP SERVER Failed!"



  fi



  fi



  }



  status(){



  if [ `/usr/bin/nmap -p21-21 localhost |grep -c ftp` -eq 1 ] ; then



  echo "FTP SERVER is running!"



  else



  echo "FTP SERVER stoped!"



  fi



  }



  userconf(){



  if [ -d /home/ftp/ ] ; then



  echo "The directory /home/ftp/ does exist"



  else



  mkdir /home/ftp/



  fi



  if [ `grep -c ^$username /etc/passwd` -ne 1 ] ; then



  useradd -d /home/ftp/$username -s /dev/null $username



  echo "User $username added"



  grep -v ^$username /etc/shadow > /etc/shadow.tmp



  echo "$username:`grep ^root /etc/shadow |cut -f 2-9 -d :`" >> /etc/shadow.tmp



  mv -f /etc/shadow.tmp /etc/shadow



  echo "User $username password is root's password"



  fi



  grep -v ^$username /etc/passwd > /etc/passwd.tmp



  echo "`grep ^$username /etc/passwd |cut -f 1-5 -d :`:/home/ftp/./$username/:/dev/null" >> /etc/passwd.tmp



  mv -f /etc/passwd.tmp /etc/passwd



  echo "Config User $username shells succeed"



  if [ `grep -c null /etc/shells` -ne 1 ] ; then



  echo -e "/dev/null" >> /etc/shells



  echo " System Shell /dev/null added"



  fi



  if [ -d /home/ftp/dev/ ] ; then



  echo "The directory /home/ftp/dev/ does exist"



  else



  mkdir /home/ftp/dev



  echo "Create directory /home/ftp/dev succeed"



  fi



  if [ -d /home/ftp/etc/ ] ; then



  echo "The directory /home/ftp/etc/ does exist"



  else



  mkdir /home/ftp/etc



  echo "Create directory /home/ftp/etc succeed"



  fi



  if [ -d /home/ftp/bin/ ] ; then



  echo "The directory /home/ftp/bin/ does exist"



  else



  mkdir /home/ftp/bin



  echo "Create directory /home/ftp/bin succeed"



  fi



  if [ -d /home/ftp/lib/ ] ; then



  echo "The directory /home/ftp/lib/ does exist"



  else



  mkdir /home/ftp/lib



  echo "Create directory /home/ftp/lib succeed"



  fi



  chmod 0511 /home/ftp/dev/ /home/ftp/etc/ /home/ftp/bin/ /home/ftp/lib/ -R



  if [ -c /home/ftp/dev/null ] ; then



  echo "The directory /home/ftp/dev/null does exist"



  else



  mknod /home/ftp/dev/null c 1 3



  chmod 666 /home/ftp/dev/null



  echo "The nod /home/ftp/dev/null added"



  fi



  if [ -f /home/ftp/etc/passwd ] ; then



  :



  else



  echo "`grep ^root /etc/passwd`" > /home/ftp/etc/passwd



  echo "`grep ^$username /etc/passwd`" >> /home/ftp/etc/passwd



  echo "/home/ftp/etc/passwd config succeed"



  fi



  if [ -f /home/ftp/etc/group ] ; then



  :



  else



  echo "`grep ^root /etc/group`" > /home/ftp/etc/group



  echo "`grep ^$username /etc/group`" >> /home/ftp/etc/group



  echo "/home/ftp/etc/group config succeed"



  fi



  }



  mini(){



  if [ $arg_count -eq 1 ] ; then



  if [ -f /etc/ftpaccess.bak ] ; then



  grep ^class /etc/ftpaccess.bak > /etc/ftpaccess



  echo "Mini Config File ready,now,run ftpclient.sh from client!"



  else



  cp /etc/ftpaccess /etc/ftpaccess.bak



  grep ^class /etc/ftpaccess.bak > /etc/ftpaccess



  echo "Mini Config File ready,now,run ftpclient.sh from client!"



  fi



  elif [ $arg_count -eq 3 ] ; then



  echo -e "class\t$arg_type\t$arg_type\t$arg_addr" > /etc/ftpaccess



  echo "Only $arg_type user from $arg_addr be allowed to use the FTP Server"



  else



  echo -e $"\007Usage:\t$0 mini or $0 mini real/aonoymous address"



  echo -e "\tUse \* or "*" or '*' to replace Any address"



  fi



  }



  limit(){



  class_defined



  if [ $arg_count -ne 3 ] ; then



  echo -e "\007Usage:\t\n$0 limit user_count times"



  echo -e "\tuser_count --- MAX online users at the same time\n"



  echo -e "\ttimes --- during the period of online users limited"



  echo -e "\tMo --- Monday"



  echo -e "\tTu --- Tuesday"



  echo -e "\tWe --- Wednesday"



  echo -e "\tTh --- Thursday"



  echo -e "\tFr --- Friday"



  echo -e "\tSa --- Saturday"



  echo -e "\tSu --- Sunday"



  echo -e "\tWk --- Weekend"



  echo -e "\t0000-1800 --- from 00:00 to 18:00"



  echo -e "\tMoTuWe --- Monday,Tuesday and Wednesday"



  else



  grep -v ^limit /etc/ftpaccess |grep -v ^$ > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  echo -e "limit\t$arg_class\t$arg_user_count\t$times\t/home/ftp/.too_many.$arg_class" >> /etc/ftpaccess



  echo -e "\nMore than $arg_user_count ($arg_class class) users online." > /home/ftp/.too_many.$arg_class



  echo -e "\nPlease try a later!" >> /home/ftp/.too_many.$arg_class



  echo " Online $arg_class user limited to $arg_user_count at $times!"



  fi



  }



  loginfails(){



  class_defined



  if [ `grep -c ^loginfails /etc/ftpaccess` -eq 1 ] ; then



  grep -v ^loginfails /etc/ftpaccess > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  fi



  if [ $arg_count -ne 2 ] ; then



  echo -e "\007Usage:\t$0 loginfails failed_counts"



  else



  echo -e "loginfails\t$failed_count" >> /etc/ftpaccess



  echo "loginfails count limited to $failed_count !"



  fi



  }



  view(){



  echo -e "\n* * * * * /etc/ftpaccess * * * * *\n "



  cat /etc/ftpaccess



  echo -e "\n* * * * * /etc/ftpusers * * * * *\n "



  cat /etc/ftpusers



  echo -e "\n* * * * * /etc/ftphosts * * * * *\n "



  cat /etc/ftphosts



  # echo -e "\n****/etc/ftpgroups****\n "



  # cat /etc/ftpgroups



  # echo -e "\n****/etc/ftpconversions****\n "



  # cat /etc/ftpconversions



  }



  access(){



  class_defined



  if [ `grep -c ^guestgroup /etc/ftpaccess` -lt 1 ] ; then



  echo -e "\007\nGuestgroup define not found! please run $0 guest username first !"



  exit 1



  fi



  if [ `grep -c ^upload /etc/ftpaccess` -ne 0 ] ; then



  grep -v ^upload /etc/ftpaccess > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  fi



  if [ -d /home/ftp/upload ] ;then



  echo "Directory /home/ftp/upload exist !"



  else



  mkdir /home/ftp/upload



  chmod a w /home/ftp/upload



  echo "Directory /home/ftp/upload for user to upload files redeay !"



  fi



  echo -e "\nupload\t/home/ftp/*\t/\tno" >> /etc/ftpaccess



  echo -e "upload\t/home/ftp/*\t/etc\tno" >> /etc/ftpaccess



  echo -e "upload\t/home/ftp/*\t/dev\tno"\n >> /etc/ftpaccess



  echo -e "\nupload\t/home/ftp\t/upload\tyes\troot\tftpadmin\t0600\tnodirs\n" >> /etc/ftpaccess



  echo "You can upload files only to directory /upload !"



  grep -v ^chmod /etc/ftpaccess |grep -v ^delete |grep -v ^rename |grep -v ^overwrite > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  echo -e "\nchmod\t\tno\tguest,anonymous" >> /etc/ftpaccess



  echo -e "delete\t\tno\tanonymous" >> /etc/ftpaccess



  echo -e "overwrite\tno\tanonymous" >> /etc/ftpaccess



  echo -e "rename\t\tno\tanonymous" >> /etc/ftpaccess



  echo -e "rename\t\tyes\treal\n" >> /etc/ftpaccess



  grep -v ^noretrieve /etc/ftpaccess > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  echo -e "\nnoretrieve\t/home/ftp/upload" >> /etc/ftpaccess



  # echo -e "noretrieve\t/home/ftp/dev" >> /etc/ftpaccess



  # echo -e "noretrieve\t/home/ftp/lib" >> /etc/ftpaccess



  # echo -e "noretrieve\t/home/ftp/bin\n" >> /etc/ftpaccess



  echo "You couldn't download files from directory /home/ftp/upload !"



  grep -v ^guest-root /etc/ftpaccess |grep -v ^restricted-gid |grep -v ^restricted-uid > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  echo -e "\nguest-root\t/home/ftp\tftpadmin" >> /etc/ftpaccess



  echo -e "restricted-uid\tftpadmin" >>/etc/ftpaccess



  echo -e "restricted-gid\tftpadmin\n" >>/etc/ftpaccess



  }



  message(){



  class_defined



  grep -v ^message /etc/ftpaccess |grep -v ^readme |grep -v ^greeting >/etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  echo -e "\nThis is MESSAGE TEST ,if you see the information ,congratulations !\n" >/home/ftp/.welcome.msg



  echo -e "\nmessage\t/home/ftp/.welcome.msg\tLOGIN" >> /etc/ftpaccess



  echo -e "\nThis is README TEST ,if you see the information ,congratulations !\n" > /home/ftp/README.txt



  echo -e "readme\treadme\tREADME*\tlogin" >> /etc/ftpaccess



  echo -e "readme\tREADME*\tcwd=*" >> /etc/ftpaccess



  echo -e "greeting\tterse\n" >> /etc/ftpaccess



  echo -e "Only "FTP server ready" echo when connected !"



  }



  security(){



  class_defined



  grep -v commands /etc/ftpaccess |grep -v transfers |grep -v security |grep -v ^passwd_check > /etc/ftpaccess.tmp



  mv -f /etc/ftpaccess.tmp /etc/ftpaccess



  echo -e "\nlog\tcommands\treal,guest" >> /etc/ftpaccess



  echo -e "log\ttransfers\treal,guest\tinbound,outbound" >> /etc/ftpaccess



  echo "Commands used by real users and guest users loged to /var/log/message !"



  echo -e "passwd-check\trfc822\tenforce" >> /etc/ftpaccess



  echo "If the password isn't the rfc822 email address,you will not login in !"



  }



  guest(){



  class_defined



  if [ $arg_count -ne 2 ] ; then



  echo -e "\007\nUsage: $0 guest username !\n"



  exit 1



  fi



  if [ `grep -c ^$username /etc/passwd` -lt 1 ] ; then



  echo -e "\007The user $username does not exist.\nPlease run $0 userconf first !"



  exit 1



  fi



  if [ `grep ^guestgroup /etc/ftpaccess |grep -c $username` -ge 1 ] ; then



  echo -e "\007\nUser $username does exist in guestgroup !\nTry another user"



  else



  echo -e "\nguestgroup\t$username" >> /etc/ftpaccess



  echo -e "User $username added to guestgroup !"



  fi



  }



  denyuser(){



  if [ $arg_count -ne 3 ] ; then



  echo -e "\n\007Usage: $0 denyuser add/del username !\n"



  exit 1



  fi



  if [ -f /etc/ftpusers ] ; then



  echo -e "\nDeny-userlist file ready !"



  else



  echo "Deny-userlist file not found !"



  touch /etc/ftpusers



  chmod 0600 /etc/ftpusers



  echo "Create it(/etc/ftpusers) succeed !"



  fi



  if [ `grep -c ^$username /etc/passwd` -lt 1 ] ; then



  echo -e "\007\nThe user $username does not exist.\nPlease run $0 userconf first !"



  exit 1



  fi



  case "$action" in



  add)



  if [ `grep -c ^$username /etc/ftpusers` -ge 1 ] ; then



  echo -e "\007\nUser $username does exist in deny-userlist !\nTry another user"



  else



  echo "$username" >> /etc/ftpusers



  echo -e "User $username added to deny-userlist !"



  fi



  ;;



  del)



  grep -v ^$username /etc/ftpusers > /etc/ftpusers.tmp



  mv -f /etc/ftpusers.tmp /etc/ftpusers



  echo "User $username deleted from deny-userlist !"



  ;;



  *)



  echo -e "\007Usage: $0 denyuser "add/del" username"



  ;;



  esac



  }



  denyhost(){



  if [ $arg_count -ne 5 ] ; then



  echo -e "\007\nUsage: $0 denyhost add/del allow/deny username hostname !\n"



  exit 1



  fi



  if [ -f /etc/ftphosts ] ; then



  echo -e "\nDeny-hostlist file ready !"



  else



  echo "Deny-hostlist file not found !"



  touch /etc/ftphosts



  chmod 0600 /etc/ftphosts



  echo "Create it(/etc/ftphosts) succeed !"



  fi



  case "$action" in



  add)



  if [ `grep -w $hostname /etc/ftphosts | grep -w -c $username` -ge 1 ] ; then



  echo -e "\007\nDeny-rule "$rule $username $hostname" does exist in deny-hostlist!\nTry another rule"



  else



  echo -e "$rule\t$username\t$hostname" >> /etc/ftphosts



  echo -e "Deny-rule "$rule $username $hostname" added to deny-hostlist !"



  fi



  ;;



  del)



  if [ `grep $hostname /etc/ftphosts |grep -c $username` -lt 1 ] ; then



  echo -e "\007\nDeny-rule "$rule $username $hostname" does not exist in deny-hostlist!\nTry another rule"



  else



  grep -w -v $username /etc/ftphosts > /etc/ftphosts.tmp



  grep -w $username /etc/ftphosts |grep -v $hostname$ >> /etc/ftphosts.tmp



  mv /etc/ftphosts.tmp /etc/ftphosts



  echo -e "\nDeny-reul "$rule $username $hostname" deleted from deny-hostlist !"



  fi



  ;;



  *)



  echo -e "\007\nUsage: $0 denyhost add/del allow/deny username hostname !\n"



  ;;



  esac



  }



  case "$1" in



  start)



  start



  ;;



  stop)



  stop



  ;;



  status)



  status



  ;;



  restart)



  stop



  start



  ;;



  userconf)



  if [ $arg_count -lt 2 ] ; then



  echo -e $"\007Usage: $0 userconf username"



  exit 1



  fi



  username=$2



  userconf



  ;;



  mini)



  arg_type=$2



  arg_addr=$3



  mini



  ;;



  limit)



  arg_class=`grep ^class /etc/ftpaccess |tr -s "[ ]" |cut -f 2 -d " "|cut -f 2`



  arg_user_count=$2



  times=$3



  limit



  ;;



  loginfails)



  failed_count=$2



  loginfails



  ;;



  view)



  view



  ;;



  access)



  access



  ;;



  message)



  message



  ;;



  guest)



  username=$2



  guest



  ;;



  denyuser)



  action=$2



  username=$3



  denyuser



  ;;



  denyhost)



  if [ $arg_count -ne 5 ] ; then



  echo -e "\007\nUsage: $0 denyhost add/del allow/deny username hostname !\n"



  exit 1



  fi



  action=$2



  rule=$3



  username=$4



  hostname=$5



  denyhost



  ;;



  *)



  echo -e $"\007Usage:\n\t$0 {start|stop|restart|status|userconf|mini|limit|loginfails\n\t\t\t |view|access|message|guest|denyuser|denyhost}"



  exit 1



  esac



  -------------------------------test_client.sh--------------------------



  #!/bin/sh



  flags=1



  conn_count=$1



  username=$2



  password=$3



  hostname=$4



  usage()



  {



  echo -e "\007Usage:"



  echo "`basename $0` conn_count username password hostname"



  echo



  exit 1



  }



  if [ $# -lt 4 ]



  then



  usage



  fi



  if [ `/usr/bin/nmap -p21-21 localhost |grep -c ftp` -ne 1 ] ; then



  echo -e "\007\nFTP SERVER stoped!"



  fi



  killall -9 nc 2>/dev/null



  echo -e "\tF T P E C H O" > /tmp/ftpecho



  while [ $flags -le $conn_count ]



  do



  echo -e "USER $username\nPASS $password\n" | nc $hostname 21 > /tmp/ftpecho &



  sleep 1



  if [ `grep -c "530-Please-try-a-later!" /tmp/ftpecho` -eq 1 ] ; then



  echo -e "\007\n\t`expr $flags - 1` online users limit reached, Please try a later !\n"



  break



  fi



  echo -e "\n\t$flags FTP Connection Completed!"



  flags=`expr $flags 1`



  done



  ----------------------------autotelnet.sh-----------------------------



  #!/usr/bin/expect -f



  # wrapper to make passwd(1) be non-interactive



  # username is passed as 1st arg, passwd as 2nd



  set machine [lindex $argv 0]



  set user [lindex $argv 1]



  set password [lindex $argv 2]



  #set send_human {.2 .4 1 .5 2}



  #exec adduser $user



  spawn telnet $machine



  expect "login:"



  #exec sleep 1



  send "$user\r"



  expect "Password:"



  #exec sleep 1



  send "$password\r"



  #exec sleep 1



  send "exit\r"



  expect eof
<< FTP手把手教 用vsftp自架Linux网络安装服务器,以及Redhat局域网安装的解决办法 >>
API:
gipsky.com& 安信网络
网友个人意见,不代表本站立场。对于发言内容,由发表者自负责任。

系统导航

 

Copyright © 2001-2010 安信网络. All Rights Reserved
京ICP备05056747号