一、testftp_server.sh
1、用法:
Usage:
./testftp_server.sh {start|stop|restart|status|userconf|mini|limit|loginfails|view|access|message|guest|denyuser|denyhost}
2、參數說明:
start:
改變配置文件,並啟動FTP服務器;下一次系統啟動時,會自動啟動該服務。
stop:
改變配置文件,並停止FTP服務器;下一次系統啟動時,不自動啟動該服務。
restart:
重新啟動FTP服務器。
status:
查看FTP服務器的運行狀態(運行或停止)。
userconf:
為系統添加FTP用戶,具體用法為:
./testftp_server.sh userconf username
新添加的用戶繼承超級用戶的密碼。
mini:
最小化FTP服務器的配置文件,只留下FTP服務器正常運行所必須的配置項。
limit:
設置FTP服務器限制的各類用戶的最大在線數目,具體用法為:
./testftp_server.sh limit user_count times
user_count---為最大在線數目,腳本會根據FTP服務器的配置文件自動處理某類用戶。
times---times中的字符串用逗號隔開,每一個字串表示一天。星期一到星期日分別用Mo、Tu、We、Th、Fr、Sa和Su表示,周末也可以用Wk表示。表示時間的小時和分鐘之間不要用冒號隔開。“-”用來表示范圍。
loginfails:
設置用戶最大的登錄失敗次數,具體用法為:
./testftp_server.sh loginfails failed_counts
failed_counts---為用戶最大的登錄失敗次數。
view:
查看FTP服務器的主配置文件的內容。
access:
設置FTP用戶的存取權限,具體請查看使用腳本該功能的輸出信息。
message:
設置FTP服務器顯示的信息。
guest:
設置作為guest對待的用戶,具體用法為:
./testftp_server.sh guest username
denyuser:
設置哪些用戶不能登錄FTP服務器,可以刪除或者添加用戶,用法:
./testftp_server.sh denyuser del/add username
del/add---指明是從拒絕的用戶列表中刪除用戶還是添加用戶到拒絕的用戶列表中。
denyhost:
指明哪些用戶可以從哪些地址或拒絕哪些用戶可以從哪些地址訪問FTP服務器,用法:
./testftp_server.sh denyhost add/del allow/deny username hostname
add---為添加一條規則到配置文件;如果用戶名和主機名相同,則認為是同一條規則;
del---為從配置文件刪除一條規則;如果用戶名和主機名相同,則認為是同一條規則;
allow / deny---指明允許還是拒絕。
username---為欲對其執行該規則的用戶;
hostname---為主機名
二、testftp_client.sh
客戶端腳本只測試服務器端的limit選項,即最大在線用戶限制。用法:
./testftp_client.sh conn_count username password hostname
其中:
conn_count:
與FTP服務器建立連接的數目,應該比FTP服務器的限制數目大;
username:
登錄FTP服務器的用戶名;
password:
登錄FTP服務器的用戶密碼;
hostname:
FTP服務器的主機名或IP地址
FTP服務器的主機名或IP地址。
--------------------------test_server.sh------------------------
#!/bin/bash
. /etc/rc.d/init.d/functionstest -f /etc/ftpaccess
if [ $? -ne 0 ] ; then
echo -e " \007FTP Server congif file--/etc/ftpaccess not found !"
echo " Please check the installion of the FTP Server !"
exit 1
else
arg_count=$#
ficlass_defined(){
echo "Please run {GetProperty(Content)} mini or {GetProperty(Content)} mini real/aonoymous address first!"
exit 1
fi
}
start() {
if [ -f /etc/xinetd.d/wu-ftpd ] ; then
grep -v -E "disable|\}" /etc/xinetd.d/wu-ftpd >/etc/xinetd.d/wu-ftpd.tmp
echo -e "\tdisable\t\t\t= no\n}" >> /etc/xinetd.d/wu-ftpd.tmp
mv -f /etc/xinetd.d/wu-ftpd.tmp /etc/xinetd.d/wu-ftpd
/etc/rc.d/init.d/xinetd restart > /dev/null 2>&1
#Check Result
if [ `/usr/bin/nmap -p21-21 localhost |grep -c ftp` -eq 1 ] ; then
echo "Start FTP SERVER Succeed!"
else
echo "Start FTP SERVER Failed!"
fi
fi
}stop() {
if [ -f /etc/xinetd.d/wu-ftpd ] ; then
grep -v -E "disable|\}" /etc/xinetd.d/
wu-ftpd >/etc/xinetd.d/wu-ftpd.tmp
echo -e "\tdisable\t\t\t= yes\n}" >> /
etc/xinetd.d/wu-ftpd.tmp
mv -f /etc/xinetd.d/wu-ftpd.tmp /etc/xinetd.d/wu-ftpd
/etc/rc.d/init.d/xinetd restart > /dev/null 2>&1
#Check Result
if [ `/usr/bin/nmap -p21-21 localhost |grep -c ftp` -eq 0 ] ; then
echo "Stop FTP SERVER Succeed!"
else
echo "Stop FTP SERVER Failed!"
fi
fi
}echo "FTP SERVER is running!"
else
echo "FTP SERVER stoped!"
fi
}userconf(){
if [ -d /home/ftp/ ] ; then
echo "The directory /home/ftp/ does exist"
else
mkdir /home/ftp/
fiif [ `grep -c ^$username /etc/passwd` -ne 1 ] ; then
useradd -d /home/ftp/$username -s /dev/null $username
echo "User $username added"
grep -v ^$username /etc/shadow > /etc/shadow.tmp
echo "$username:`grep ^root /etc/shadow |cut -f 2-9 -d :`" >>
/etc/shadow.tmp
mv -f /etc/shadow.tmp /etc/shadow
echo "User $username password is root's password"
figrep -v ^$username /etc/passwd > /etc/passwd.tmp
echo "`grep ^$username /etc/passwd |cut -f 1-5
-d :`:/home/ftp/./$username/:/dev/null" >> /etc/passwd.tmp
mv -f /etc/passwd.tmp /etc/passwd
echo "Config User $username shells succeed"
if [ `grep -c null /etc/shells` -ne 1 ] ; then
echo -e "/dev/null" >> /etc/shells
echo " System Shell /dev/null added"
fiif [ -d /home/ftp/dev/ ] ; then
echo "The directory /home/ftp/dev/ does exist"
else
mkdir /home/ftp/dev
echo "Create directory /home/ftp/dev succeed"
fiif [ -d /home/ftp/etc/ ] ; then
echo "The directory /home/ftp/etc/ does exist"echo "Create directory /home/ftp/etc succeed"
fiif [ -d /home/ftp/bin/ ] ; then
echo "The directory /home/ftp/bin/ does exist"
else
mkdir /home/ftp/bin
echo "Create directory /home/ftp/bin succeed"
fiif [ -d /home/ftp/lib/ ] ; then
echo "The directory /home/ftp/lib/ does exist"
else
mkdir /home/ftp/lib
echo "Create directory /home/ftp/lib succeed"
fichmod 0511 /home/ftp/dev/ /home/ftp/etc/ /home/ftp/bin/ /home/ftp/lib/ -R
if [ -c /home/ftp/dev/null ] ; then
echo "The directory /home/ftp/dev/null does exist"
else
mknod /home/ftp/dev/null c 1 3
chmod 666 /home/ftp/dev/null
echo "The nod /home/ftp/dev/null added"
fiif [ -f /home/ftp/etc/passwd ] ; then
:
else
echo "`grep ^root /etc/passwd`" > /home/ftp/etc/passwd
echo "`grep ^$username /etc/passwd`" >> /home/ftp/etc/passwd
echo "/home/ftp/etc/passwd config succeed"
fiif [ -f /home/ftp/etc/group ] ; then
:
else
echo "`grep ^root /etc/group`" > /home/ftp/etc/group
echo "`grep ^$username /etc/group`" >> /home/ftp/etc/group
echo "/home/ftp/etc/group config succeed"
fi
}mini(){
if [ $arg_count -eq 1 ] ; then
if [ -f /etc/ftpaccess.bak ] ; then
grep ^class /etc/ftpaccess.bak > /etc/ftpaccess
echo "Mini Config File ready,now,run ftpclient.sh from client!"grep ^class /etc/ftpaccess.bak > /etc/ftpaccess
echo "Mini Config File ready,now,run ftpclient
.sh from client!"
fi
elif [ $arg_count -eq 3 ] ; then
echo -e "class\t$arg_type\t$arg_type\t$arg_addr" > /etc/ftpaccess
echo "Only $arg_type user from $arg_addr be allowed to use the FTP Server"
else
echo -e $"\007Usage:\t{GetProperty(Content)} mini or {GetProperty(Content)} mini real/aonoymous address"
echo -e "\tUse \* or \"*\" or '*' to replace Any address"
fi
}
limit(){
class_defined
if [ $arg_count -ne 3 ] ; then
echo -e "\007Usage:\t\n{GetProperty(Content)} limit user_count times"
echo -e "\tuser_count --- MAX online users at the same time\n"
echo -e "\ttimes --- during the period of online users limited"
echo -e "\tMo --- Monday"
echo -e "\tTu --- Tuesday"
echo -e "\tWe --- Wednesday"
echo -e "\tTh --- Thursday"
echo -e "\tFr --- Friday"
echo -e "\tSa --- Saturday"
echo -e "\tSu --- Sunday"
echo -e "\tWk --- Weekend"
echo -e "\t0000-1800 --- from 00:00 to 18:00"
echo -e "\tMoTuWe --- Monday,Tuesday and Wednesday"
else
grep -v ^limit /etc/ftpaccess |grep -v ^$ > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
echo -e "limit\t$arg_class\t$arg_user_count\t$times\t/home/ftp/.
too_many.$arg_class" >> /etc/ftpaccess
echo -e "\nMore than $arg_user_count ($arg_class class) users online."
> /home/ftp/.too_many.$arg_class
echo -e "\nPlease try a later!" >> /home/ftp/.too_many.$arg_class
echo " Online $arg_class user limited to $arg_user_count at $times!"
fi
}loginfails(){
class_defined
if [ `grep -c ^loginfails /etc/ftpaccess` -eq 1 ] ; then
grep -v ^loginfails /etc/ftpaccess > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
fi
if [ $arg_count -ne 2 ] ; then
echo -e "\007Usage:\t{GetProperty(Content)} loginfails failed_counts"e "loginfails\t$failed_count" >> /etc/ftpaccess
echo "loginfails count limited to $failed_count !"
fi
}
view(){
echo -e "\n* * * * * /etc/ftpaccess * * * * *\n "
cat /etc/ftpaccess
echo -e "\n* * * * * /etc/ftpusers * * * * *\n "
cat /etc/ftpusers
echo -e "\n* * * * * /etc/ftphosts * * * * *\n "
cat /etc/ftphosts
# echo -e "\n****/etc/ftpgroups****\n "
# cat /etc/ftpgroups
# echo -e "\n****/etc/ftpconversions****\n "
# cat /etc/ftpconversions
}
access(){
class_defined
if [ `grep -c ^guestgroup /etc/ftpaccess` -lt 1 ] ; then
echo -e "\007\nGuestgroup define not found! please
run {GetProperty(Content)} guest username first !"
exit 1
fiif [ `grep -c ^upload /etc/ftpaccess` -ne 0 ] ; then
grep -v ^upload /etc/ftpaccess > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
fi
if [ -d /home/ftp/upload ] ;then
echo "Directory /home/ftp/upload exist !"
else
mkdir /home/ftp/upload
chmod a+w /home/ftp/upload
echo "Directory /home/ftp/upload for user to upload files redeay !"
fi
echo -e "\nupload\t/home/ftp/*\t/\tno" >> /etc/ftpaccess
echo -e "upload\t/home/ftp/*\t/etc\tno" >> /etc/ftpaccess
echo -e "upload\t/home/ftp/*\t/dev\tno"\n >> /etc/ftpaccess
echo -e "\nupload\t/home/ftp\t/upload\tyes\troot\tftpadmin\t0600\
tnodirs\n" >> /etc/ftpaccess
echo "You can upload files only to directory /upload !"
grep -v ^chmod /etc/ftpaccess |grep -v ^delete |grep -v ^rename |
grep -v ^overwrite > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
echo -e "\nchmod\t\tno\tguest,anonymous" >> /etc/ftpaccess
echo -e "delete\t\tno\tanonymous" >> /etc/ftpaccess
echo -e "overwrite\tno\tanonymous" >> /etc/ftpaccess
echo -e "rename\t\tno\tanonymous" >> /etc/ftpaccesse "rename\t\tyes\treal\n" >> /etc/ftpaccess
grep -v ^noretrieve /etc/ftpaccess > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
echo -e "\nnoretrieve\t/home/ftp/upload" >> /etc/ftpaccess
# echo -e "noretrieve\t/home/ftp/dev" >> /etc/ftpaccess
# echo -e "noretrieve\t/home/ftp/lib" >> /etc/ftpaccess
# echo -e "noretrieve\t/home/ftp/bin\n" >> /etc/ftpaccess
echo "You couldn't download files from directory /home/ftp/upload !"
grep -v ^guest-root /etc/ftpaccess |grep -v ^restricted-gid |grep -v
^restricted-uid > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
echo -e "\nguest-root\t/home/ftp\tftpadmin" >> /etc/ftpaccess
echo -e "restricted-uid\tftpadmin" >>/etc/ftpaccess
echo -e "restricted-gid\tftpadmin\n" >>/etc/ftpaccess
}message(){
class_defined
grep -v ^message /etc/ftpaccess |grep -v ^readme |grep -v ^greeting
>/etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
echo -e "\nThis is MESSAGE TEST ,if you see the information ,
congratulations !\n" >/home/ftp/.welcome.msg
echo -e "\nmessage\t/home/ftp/.welcome.msg\tLOGIN" >> /etc/ftpaccess
echo -e "\nThis is README TEST ,if you see the information ,congratulations
!\n" > /home/ftp/README.txt
echo -e "readme\treadme\tREADME*\tlogin" >> /etc/ftpaccess
echo -e "readme\tREADME*\tcwd=*" >> /etc/ftpaccess
echo -e "greeting\tterse\n" >> /etc/ftpaccess
echo -e "Only \"FTP server ready\" echo when connected !"
}security(){
class_defined
grep -v commands /etc/ftpaccess |grep -v transfers |grep -v security
|grep -v ^passwd_check > /etc/ftpaccess.tmp
mv -f /etc/ftpaccess.tmp /etc/ftpaccess
echo -e "\nlog\tcommands\treal,guest" >> /etc/ftpaccess
echo -e "log\ttransfers\treal,guest\tinbound,outbound" >> /etc/ftpaccess
echo "Commands used by real users and guest users loged to /var/log/message !"
echo -e "passwd-check\trfc822\tenforce" >> /etc/ftpaccess
echo "If the password isn't the rfc822 email address,you will not login in !"}
guest(){
class_defined
if [ $arg_count -ne 2 ] ; then
echo -e "\007\nUsage: {GetProperty(Content)} guest username !\n"
exit 1
fi
if [ `grep -c ^$username /etc/passwd` -lt 1 ] ; then
echo -e "\007The user $username does not exist.\nPlease run {GetProperty(Content)} userconf first !"
exit 1
fi
if [ `grep ^guestgroup /etc/ftpaccess |grep -c $username` -ge 1 ] ; then
echo -e "\007\nUser $username does exist in guestgroup !\nTry another user"
else
echo -e "\nguestgroup\t$username" >> /etc/ftpaccess
echo -e "User $username added to guestgroup !"
fi
}
denyuser(){
if [ $arg_count -ne 3 ] ; then
echo -e "\n\007Usage: {GetProperty(Content)} denyuser add/del username !\n"
exit 1
fi
if [ -f /etc/ftpusers ] ; then
echo -e "\nDeny-userlist file ready !"
else
echo "Deny-userlist file not found !"
touch /etc/ftpusers
chmod 0600 /etc/ftpusers
echo "Create it(/etc/ftpusers) succeed !"
fi
if [ `grep -c ^$username /etc/passwd` -lt 1 ] ; then
echo -e "\007\nThe user $username does not exist.
\nPlease run {GetProperty(Content)} userconf first !"
exit 1
fi
case "$action" in
add)
if [ `grep -c ^$username /etc/ftpusers` -ge 1 ] ; then
echo -e "\007\nUser $username does exist in deny-userlist
!\nTry another user"
else
echo "$username" >> /etc/ftpusers
echo -e "User $username added to deny-userlist !"
fi
;;
del)v ^$username /etc/ftpusers > /etc/ftpusers.tmp
mv -f /etc/ftpusers.tmp /etc/ftpusers
echo "User $username deleted from deny-userlist !"
;;
*)
echo -e "\007Usage: {GetProperty(Content)} denyuser \"add/del\" username"
;;
esac
}denyhost(){
if [ $arg_count -ne 5 ] ; then
echo -e "\007\nUsage: {GetProperty(Content)} denyhost add/del allow/deny
username hostname !\n"
exit 1
fi
if [ -f /etc/ftphosts ] ; then
echo -e "\nDeny-hostlist file ready !"
else
echo "Deny-hostlist file not found !"
touch /etc/ftphosts
chmod 0600 /etc/ftphosts
echo "Create it(/etc/ftphosts) succeed !"
fi
case "$action" in
add)
if [ `grep -w $hostname /etc/ftphosts | grep -w -c $username`
-ge 1 ] ; then
echo -e "\007\nDeny-rule \"$rule $username
$hostname\" does exist in deny-hostlist!\nTry another rule"
else
echo -e "$rule\t$username\t$hostname" >> /
etc/ftphosts
echo -e "Deny-rule \"$rule $username $hostname\"
added to deny-hostlist !"
fi
;;
del)
if [ `grep $hostname /etc/ftphosts |grep -c $username` -lt 1 ] ; then
echo -e "\007\nDeny-rule \"$rule $username
$hostname\" does not exist in deny-hostlist!\nTry another rule"v $username /etc/ftphosts > /etc/ftphosts.tmp
grep -w $username /etc/ftphosts |grep -v $hostname$ >> /etc/ftphosts.tmp
mv /etc/ftphosts.tmp /etc/ftphosts
echo -e "\nDeny-reul \"$rule $username $hostname\
" deleted from deny-hostlist !"
fi
;;
*)
echo -e "\007\nUsage: {GetProperty(Content)} denyhost add/del
allow/deny username hostname !\n"
;;
esac
}
case "{GetProperty(Content)}" in
start)
start
;;
stop)
stop
;;
status)
status
;;
restart)
stop
start
;;
userconf)
if [ $arg_count -lt 2 ] ; then
echo -e $"\007Usage: {GetProperty(Content)} userconf username"
exit 1
fi
username=$2
userconf
;;
mini)
arg_type=$2
arg_addr=$3
mini
;;
limit)
arg_class=`grep ^class /etc/ftpaccess |tr
-s "[ ]" |cut -f 2 -d " "|cut -f 2`
arg_user_count=$2
times=$3
limit
;;
loginfails)
failed_count=$2
loginfails
;;
view)
view
;;
access)
access
;;
message)
message
;;
guest)
username=$2
guest
;;
denyuser)
action=$2
username=$3
denyuser
;;
denyhost)
if [ $arg_count -ne 5 ] ; then
echo -e "\007\nUsage: {GetProperty(Content)} denyhost add/del
allow/deny username hostname !\n"
exit 1
fi
action=$2
rule=$3
username=$4
hostname=$5
denyhost
;;
*)
echo -e $"\007Usage:\n\t{GetProperty(Content)} {start|stop|restart|status|
userconf|mini|limit|loginfails\n\t\t\t
|view|access|message|guest|denyuser|denyhost}"
exit 1
esac
-------------------------------test_client.sh--------------------------
#!/bin/sh
flags=1
conn_count={GetProperty(Content)}
username=$2
password=$3
hostname=$4usage()
{
echo -e "\007Usage:"
echo "`basename {GetProperty(Content)}` conn_count username
password hostname"
echo
exit 1
}
if [ $# -lt 4 ]
then
usage
fiif [ `/usr/bin/nmap -p21-21 localhost
|grep -c ftp` -ne 1 ] ; thenecho -e "\007\nFTP SERVER stoped!"
fikillall -9 nc 2>/dev/null
echo -e "\tF T P E C H O" > /tmp/ftpechowhile [ $flags -le $conn_count ]
do
echo -e "USER $username\nPASS $password\n" |
nc $hostname 21 > /tmp/ftpecho &
sleep 1
if [ `grep -c "530-Please-try-a-later!" /
tmp/ftpecho` -eq 1 ] ; then
echo -e "\007\n\t`expr $flags - 1` online users
limit reached, Please try a later !\n"
break
fi
echo -e "\n\t$flags FTP Connection Completed!"
flags=`expr $flags + 1`
done
----------------------------autotelnet.sh-----------------------------
#!/usr/bin/expect -f
# wrapper to make passwd(1) be non-interactive
# username is passed as 1st arg, passwd as 2ndset machine [lindex $argv 0]
set user [lindex $argv 1]
set password [lindex $argv 2]
#set send_human {.2 .4 1 .5 2}
#exec adduser $user
spawn telnet $machine
expect "login:"
#exec sleep 1
send "$user\r"
expect "Password:"
#exec sleep 1
send "$password\r"
#exec sleep 1
send "exit\r"
expect eof