[zorp] FtpProxyAnonRO LIST

Gellér Sándor wildy at balabit.hu
Wed Jun 8 09:26:47 CEST 2005

Phil Moors wrote:
> Hi,
> I'm trying to get the FtpProxyAnonRO class to also allow the LIST
> command so an 'ls' can be issued by the client. I added the following
> line to Ftp.py in the FtpProxyAnonRO class:
> 	self.request["LIST"] = (FTP_REQ_ACCEPT)
> I also applied iptables rules to allow ports 40000:41000 between the
> hosts.
> Ethereal shows that the LIST command never arrives from a client going
> through the firewall. A "Connection refused" error is returned to the
> client. Clients not going through the firewall work.
> What am I missing?
> GPL version
> Zorp 2.1.8
> Zorplib
> TIA, Phil

Hi Phil,

The ftp proxy already supports the LIST command. Please don't modify the
supported python modules, because your modifications will be lost when
you upgrade Zorp. You can create your own FTP proxy class in
/etc/zorp/policy.py, and customize this inherited class to allow/deny
commands. (I suppose that you forgot to recompile the Ftp.py module,
however, your change wasn't necessary.)

If you post your zorp and iptables configuration, then we will be able
to track down your problem.


Gellér Sándor
wildy at balabit.hu

More information about the zorp mailing list