Phil Moors wrote:
Hi,
I'm trying to get the FtpProxyAnonRO class to also allow the LIST command so an 'ls' can be issued by the client. I added the following line to Ftp.py in the FtpProxyAnonRO class:
self.request["LIST"] = (FTP_REQ_ACCEPT)
I also applied iptables rules to allow ports 40000:41000 between the hosts.
Ethereal shows that the LIST command never arrives from a client going through the firewall. A "Connection refused" error is returned to the client. Clients not going through the firewall work.
What am I missing?
GPL version Zorp 2.1.8 Zorplib 2.1.12.5
TIA, Phil
Hi Phil, The ftp proxy already supports the LIST command. Please don't modify the supported python modules, because your modifications will be lost when you upgrade Zorp. You can create your own FTP proxy class in /etc/zorp/policy.py, and customize this inherited class to allow/deny commands. (I suppose that you forgot to recompile the Ftp.py module, however, your change wasn't necessary.) If you post your zorp and iptables configuration, then we will be able to track down your problem. Regards, -- Gellér Sándor wildy@balabit.hu