# This is a basic ProFTPD configuration file (rename it to 
# 'proftpd.conf' for actual use.  It establishes a single server
# and a single anonymous login.  It assumes that you have a user/group
# "nobody" and "ftp" for normal operation and anon.

ServerName			"Sinux FTP Service"
ServerType			standalone
DeferWelcome			off

ShowSymlinks			on
MultilineRFC2228		on
DefaultServer			on
ShowSymlinks			on
AllowOverwrite			on
UseReverseDNS			on
IdentLookups			on

TimeoutNoTransfer		120
TimeoutStalled			120
TimeoutIdle			120

DisplayLogin                    welcome.msg
DisplayFirstChdir               .message
ListOptions                "-l"

TransferLog			/var/log/proftpd.log
SystemLog			/var/log/proftpd-sys.log
SyslogLevel			info

<IfModule mod_tls.c>
	TLSEngine off             # disable SSL by default
	TLSLog /var/log/tls.log
	TLSProtocol TLSv1         # use TLSv1 protocol
</IfModule>

# Port 21 is the standard FTP port.
Port				21

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask				002  002

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances			30

# Set the user and group that the server normally runs at.
User				nobody
Group				nogroup

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite		on
</Directory>

#Disable unsecured access for system users
<Limit LOGIN>
	DenyAll
</Limit>

<Anonymous /var/ftp/pub>
User	sh
Group	ftp
RequireValidShell off
AnonRequirePassword on
MaxClients 10 "Sorry, max %m users reached -- try again later"
MaxClientsPerHost 1 "Sorry, no more than one connection per host allowed."

<Limit LOGIN>
Order	allow, deny
Allow	from *.sh.cvut.cz, *.mk.cvut.cz, *.buk.cvut.cz, *.sin.cvut.cz, *.pod.cvut.cz, *.dik.cvut.cz, *.dk.cvut.cz
Deny	from all
</Limit>

<Directory *>
	<Limit WRITE>
		DenyAll
	</Limit>
</Directory>
<Directory upload>
	<Limit STOR WRITE APPE>
		AllowAll
	</Limit>
</Directory>
</Anonymous>



#priv konto
<VirtualHost IP.IP.IP.IP>
	ServerName			"Sinux secure FTP Service"
	Port	5555
	TLSEngine on		# enable SSL
	TLSRequired on      # if SSL, for both channels
	# Server's certificate
	TLSRSACertificateFile /etc/ftpd/ssl/cert.pem
	TLSRSACertificateKeyFile /etc/ftpd/ssl/key.pem
	
	TimeoutNoTransfer		120
	TimeoutStalled			120
	TimeoutIdle			120
	
	<Anonymous /var/ftp>
	User priv
	Group nobody
	AnonRequirePassword on
	RequireValidShell off
	MaxClients 3 "Sorry, max %m users -- try again later"
	DisplayLogin                    welcome.msg

	<Limit LOGIN>
	Order allow, deny
	Allow from 147.32...
	Deny  from all
	</Limit>

	<Directory *>
		<Limit WRITE>
			DenyAll
		</Limit>
	</Directory>
	<Directory upload>
		<Limit STOR WRITE APPE>
			AllowAll
		</Limit>
	</Directory>
	</Anonymous>
</VirtualHost>