Chinaunix首页 | 论坛 | 博客
  • 博客访问: 456932
  • 博文数量: 191
  • 博客积分: 10987
  • 博客等级: 上将
  • 技术积分: 1924
  • 用 户 组: 普通用户
  • 注册时间: 2009-04-22 09:52
文章分类

全部博文(191)

文章存档

2014年(10)

2011年(11)

2010年(38)

2009年(132)

分类:

2009-07-12 23:20:45

声明:本文档是我自己试着翻译的,难免会有错误,请高人指正,请勿以这里的翻译为准。

接上续……..

布尔型选项和值(1

 

 

download_enable

              If set to NO, all download requests will give permission denied.

 

              Default: YES

 download_enble

             如果设置为NO,所有的用户禁止下载

             默认:YES

 

dual_log_enable

              If enabled, two log files are generated in  parallel,  going  by

              default to /var/log/xferlog and /var/log/vsftpd.log.  The former

              is a wu-ftpd style transfer log, parseable  by  standard  tools.

              The latter is vsftpd’s own style log.

 

              Default: NO

dual_log_enable

             如果启用,会产生两个日志文件/var/log/xferlog,var/log/vsftpd.conf .格式是标准的参数,是wu-ftpd的格式,后来也成了vsftpd自己的类型日志了

 

force_dot_files

              If  activated,  files  and  directories  starting with . will be

              shown in directory listings even if the "a" flag was not used by

              the client. This override excludes the "." and ".." entries.

 

              Default: NO

force_dot_files

              如果激活,在客户端输入ls –l命令也可以显示出带“.”的文件和目录,但是默认的“.”和“..”除外

               默认:NO

 

force_anon_data_ssl

              Only  applies  if  ssl_enable  is  activated.  If activated, all

              anonymous logins are forced to use a secure  SSL  connection  in

              order to send and receive data on data connections.

 

              Default: NO

force_anon_data_ssl

             条件是ssl_enable必须被激活,如果被激活,那么所有的匿名账户在发送和接受数据的时候被强迫时候SSL通道来连接数据端口

             默认:NO

         

force_anon_logins_ssl

              Only  applies  if  ssl_enable  is  activated.  If activated, all

              anonymous logins are forced to use a secure  SSL  connection  in

              order to send the password.

 

              Default: NO

force_anon_logins_ssl

             条件是ssl_enable必须被激活,如果被激活,所有的匿名用户被迫使用一个安全的连接

             默认:NO

 

 force_local_data_ssl

              Only  applies if ssl_enable is activated. If activated, all non-

              anonymous logins are forced to use a secure  SSL  connection  in

              order to send and receive data on data connections.

 

              Default: YES

force_local_data_ssl

             条件是ssl_enable必须被激活,如果被激活,所有的非匿名账户都使用安全的连接来接受和发送数据

              默认:YES

 

force_local_logins_ssl

              Only  applies if ssl_enable is activated. If activated, all non-

              anonymous logins are forced to use a secure  SSL  connection  in

              order to send the password.

 

              Default: YES 

force_local_logins_ssl     

               条件是ssl_enable必须被激活,如果被激活,所有的非匿名用户被迫使用一个安全的连接

      

 

guest_enable

              If  enabled,  all  non-anonymous  logins  are classed as "guest"

              logins. A guest login is remapped to the user specified  in  the

              guest_username setting.

 

              Default: NO

 

guest_enable

           如果被启用,所有的非匿名账户登录被归类于“guest”类型,一个guest类型的账号登陆,映射指定的用户,在字段guest_username里进行设置

           默认:NO

          一般虚拟用户要启用这两个字段

        

 

 hide_ids

           If enabled, all user and group information in directory listings

          will be displayed as "ftp".

 

          Default: NO  

hide_ids

          如果被启用,当登录到ftp服务器的时候,用户看到的uidgid是全是ftp

          默认:NO

 

 listen      

If enabled, vsftpd will run in standalone mode. This means  that

          vsftpd  must not be run from an inetd of some kind. Instead, the

          vsftpd executable is run once directly. vsftpd itself will  then

          take care of listening for and handling incoming connections.

 

          Default: NO   

listen 

         如果被启用,vftpd服务器将运行独立模式,这就意味着vsftpd服务不运行xinetd服务进程,相反地,vsftpd进程就直接一次性运行,vsftpd本身自己将监听和处理到来的连接

         默认:NO

listen_ipv6

              Like  the listen parameter, except vsftpd will listen on an IPv6

              socket instead of an IPv4 one. This  parameter  and  the  listen

              parameter are mutually exclusive.

 

              Default: NO

listen_ipv6

            监听ipv6的网段地址,与ipv4是一样的意思

 

             

 

 local_enable

              Controls  whether local logins are permitted or not. If enabled,

              normal user accounts in /etc/passwd (or wherever your PAM config

              references)  may  be used to log in. This must be enable for any

              non-anonymous login to work, including virtual users.

 

              Default: NO

local_enable

              控制是否允许本地访问,如果启用,在/etc/passwd (或者是通过PAM验证的)账号将被允许登录服务器,任何非匿名用户,包括虚拟用户要被使用,必须开启这个选项

              默认:NO

 

 lock_upload_files

              When enabled, all uploads proceed  with  a  write  lock  on  the

              upload  file.  All  downloads proceed with a shared read lock on

              the download file. WARNING!  Before enabling this, be aware that

              malicious readers could starve a writer wanting to e.g. append a

              file.

 

              Default: NO

lock_upload_files

              当启用这项的时候,对所有上传文件的处理是在上传文件里带了一把写锁,对所有下载的文件的处理是在下载的文件里共享一把只读锁,警告!启用之前,意识到一些恶意的读者饥饿般地想要写入,比如,增加一个文件

              默认:NO

 

log_ftp_protocol

              When enabled, all FTP requests and responses are logged, provid-

              ing  the  option  xferlog_std_format  is not enabled. Useful for

              debugging.

 

              Default: NO

log_ftp_protocol

              当启用的时候,所有的ftp请求和响应都被记录,但是字段xferlog_std_format必须被禁用,一般是调试的时候使用

              默认:NO

ls_recurse_enable

              When enabled, this setting will allow the use of "ls  -R".  This

              is  a minor security risk, because a ls -R at the top level of a

              large site may consume a lot of resources.

 

              Default: NO

ls_recure_enable

              当被启用的时候,将被允许使用ls  -R这个命令,有一定的安全风险,因为在一些大的站点的顶层目录下使用ls  -R ,会消耗很多的资源

              默认:NO

 

 

 

 mdtm_write

              When enabled, this setting will allow MDTM to set file modifica-

              tion times (subject to the usual access checks).

 

              Default: YES

mdtm_write

               但启用的时候,将允许使用MDTM设置文件的修改次数(通常访问检查限制)

               默认:YES

 

 

 no_anon_password

              When  enabled, this prevents vsftpd from asking for an anonymous

              password - the anonymous user will log straight in.

 

              Default: NO

no_anon_passwd

              当启用的时候,匿名用户登录的时候不需要出现密码提示符就直接登录到ftp服务器

              默认:NO

 

 

 no_log_lock

              When enabled, this prevents vsftpd from taking a file lock  when

              writing  to  log  files.  This  option  should  generally not be

              enabled. It exists to workaround operating system bugs  such  as

              the  Solaris  /  Veritas  filesystem  combination which has been

              observed to sometimes exhibit hangs trying to lock log files.

 

              Default: NO

no_log_lock

             当启用的时候,在写入日志的时候,将阻止文件锁定,这个选项一般不启用,

             它存在的理由是像solaris /veritas 文件系统共存的情况下,有个时候,文件

             被挂起的时候就尝试锁定文件

             默认:NO

one_process_model

              If you have a Linux 2.4 kernel, it is possible to use a  differ-

              ent  security  model which only uses one process per connection.

              It is a less pure security model, but gains you performance. You

              really  don’t  want  to enable this unless you know what you are

              doing, and your site supports  huge  numbers  of  simultaneously

              connected users.

 

              Default: NO

one_process_model

              如果是linux 2.4的内核,它很可能使用一个不一样安全模式,那就是用户的

              每个连接只有一个进程,它是很少的安全模式,但是获取了性能的优越,除

              非你想这么做,或你的站点支持大量的并发连接用户。

              默认:NO

              现在时2.6内核了,不需要了,NO掉吧

 

passwd_chroot_enable

              If enabled, along with chroot_local_user , then a chroot() jail

              location may be specified on a per-user basis. Each user’t jail

              is derived from their home directory string in /etc/passwd. The

              occurrence of /./ in the home directory string denotes that  the

              jail is at that particular location in the path.

 

              Default: NO

passwd_chroot_enable

              如果被启用,配合字段chroot_local_user使用,然后一个禁锢的位置也许是

              在每个用户的基础上被指定的,每个用户的禁锢是源于来自/etc/passwd

              符串的用户家目录,在家目录中出现/./符号是指被禁锢在一个特殊的位置

               默认:NO

 

  pasv_addr_resolve

              Set to YES if you want to use a hostname (as opposed to IP

              address) in the pasv_address option.

 

              Default: NO

pasv_addr_resolve

              如果你想在pasv_address选项中要使用一个主机名(相对于IP地址),就激

              活它

              默认:NO

 

   

 pasv_enable

              Set to NO if you want to disallow the PASV method of obtaining a

              data connection.

 

              Default: YES  

pasv_enable

             如果你想要在数据传输的时候禁止被动模式,就设置这个字段为NO

             默认:NO

 

*****************请继续关注后续的翻译**********************

阅读(651) | 评论(0) | 转发(1) |
给主人留下些什么吧!~~