Contents

Related Topics

FTP-Proxy: Commands

There are a number of commands that FTP uses to manage files. You can configure rules to put limits on some FTP commands.

To control the commands that can be used on an FTP server protected by your Firebox, you can configure the FTP-Server proxy action. By default, the FTP-Server proxy action configuration allows these commands:

ABOR* HELP* PASS* REST* STAT* USER*
APPE* LIST* PASV* RETR* STOR* XCUP*
CDUP* MKD* PORT* RMD* STOU* XCWD*
CWD* NLST* PWD* RNFR* SYST* XMKD*
DELE* NOOP* QUIT* RNTO* TYPE* XRMD*

The FTP-Server proxy action denies all other FTP commands by default.

To put limits on the commands that users protected by the Firebox can use when they connect to external FTP servers, modify the FTP-Client proxy action. The default configuration of the FTP-Client is to allow all FTP commands.

You can add, delete, or modify rules. We recommend that you do not block these commands, because they are necessary for the FTP protocol to work correctly:

Protocol Command Client Command Description

USER

n/a Sent with login name
PASS n/a Sent with password
PASV pasv Select passive mode for data transfer
SYST syst Print the server's operating system and version. FTP clients use this information to correctly interpret and show a display of server responses.

To add, delete, or modify rules:

  1. In the Proxy Action configuration, select the Commands tab.
  2. Add, Change, or Delete Rules.
  3. To change settings for another category in this proxy, see the topic for that category.
  4. Save the settings.

If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.

For more information on predefined proxy actions, see About Proxy Actions.

See Also

About the FTP-Proxy

Give Us Feedback     Get Support     All Product Documentation     Technical Search