Responses in certain protocols include numeric response codes, e.g., in the FTP protocol responses start with a three-digit code. In PNS it is possible to filter these codes as well, furthermore, to filter them based on the command to which the response arrives to. In these cases the hash contains both the command and the answer, and an action as well. The '*' wildcard character can be used to match for every command or response code.
Example 2.4. Customizing response codes |
---|
The following example accepts the response '250' only to the 'DELE' command, but allows any response code to the 'LIST' command. class MyFtp1(FtpProxy): def config(self): self.response["DELE", "250"] = (FTP_RSP_ACCEPT) self.response["*", "250"] = (FTP_RSP_REJECT) self.response["LIST", "*"] = (FTP_RSP_ACCEPT) |
It is not necessary to specify the full response code, it is also possible to specify only the first, or the first two digits.
For example, all three response codes presented below are valid, but have different effects:
"PWD","200"
Match exactly the answer 200 coming in a reply to a PWD command.
"PWD","2"
Match every answer starting with '2' in a reply to a PWD command.
"*","20"
Match every answer between 200 and 209 in a reply to any command.
This kind of response code lookup is available in the following proxies: FTP, HTTP, and SMTP. The precedence how the hash table entries are processed is the following:
Exact match. ("PWD","200")
Exact command match, partial response matches ("PWD","20"; "PWD","2"; "PWD","*")
Wildcard command, with answer codes repeated as above. ("*","200"; "*","20"; "*","2")
Wildcard for both indexes. ("*","*")
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu