4.6.5.1. Attributes of AbstractFtpProxy

active_connection_mode (enum, rw:r)
Default: FTP_ACTIVE_MINUSONE
In active mode the server connects the client. By default this must be from Command Channel port minus one (FTP_ACTIVE_MINUSONE). Alternatively, connection can also be performed either from port number 20 (FTP_ACTIVE_TWENTY) or from a random port (FTP_ACTIVE_RANDOM).

auth_tls_ok_client (boolean, n/a:r)
Default: ""
Shows whether the client-side authentication was performed over a secure channel.

auth_tls_ok_server (boolean, n/a:r)
Default: ""
Shows whether the server-side authentication was performed over a secure channel.

buffer_size (integer, rw:r)
Default: 4096
Buffer size for data transfer in bytes.

data_mode (enum, rw:r)
Default: FTP_DATA_KEEP
The type of the FTP connection on the server side can be manipulated: leave it as the client requested (FTP_DATA_KEEP), or force passive (FTP_DATA_PASSIVE) or active (FTP_DATA_ACTIVE) connection.

data_port_max (integer, rw:r)
Default: 41000
On the proxy side, ports equal to or below the value of data_port_max can be allocated as the data channel.

data_port_min (integer, rw:r)
Default: 40000
On the proxy side, ports equal to or above the value of data_port_min can be allocated as the data channel.

data_protection_enabled_client (boolean, n/a:r)
Default: ""
Shows whether the data channel is encrypted or not on the client-side.

data_protection_enabled_server (boolean, n/a:r)
Default: ""
Shows whether the data channel is encrypted or not on the server-side.

features (complex, rw:rw)
Default:
Hash containing the filtering policy for FTP features.

hostname (string, n/a:rw)
Default:
The hostname of the FTP server to connect to, when inband routing is used.

hostport (integer, n/a:rw)
Default:
The port of the FTP server to connect to, when inband routing is used.

masq_address_client (string, rw:r)
Default: ""
IP address of the firewall appearing on the client side. If its value is set, this IP is sent regardless of its true IP (where it is binded). This attribute may be used when network address translation is performed before Zorp.

masq_address_server (string, rw:r)
Default: ""
IP address of the firewall appearing on the server side. If its value is set, this IP is sent regardless of its true IP (where it is binded). This attribute may be used when network address translation is performed before Zorp.

max_continuous_line (integer, rw:r)
Default: 100
Maximum number of answer lines for a command.

max_hostname_length (integer, rw:r)
Default: 128
Maximum length of hostname. Used only in non-transparent mode.

max_line_length (integer, rw:r)
Default: 255
Maximum length of a line that the proxy is allowed to transfer. Requests/responses exceeding this limit are dropped.

max_password_length (integer, rw:r)
Default: 64
Maximum length of the password.

max_username_length (integer, rw:r)
Default: 32
Maximum length of the username.

password (string, n/a:rw)
Default:
The password to be sent to the server.

permit_client_bounce_attack (boolean, rw:rw)
Default: FALSE
If enabled the IP addresses of data channels will not need to match with the IP address of the control channel, permitting the use of FXP while increasing the security risks.

permit_empty_command (boolean, rw:r)
Default: TRUE
Enable transmission of lines without commands.

permit_server_bounce_attack (boolean, rw:rw)
Default: FALSE
If enabled the IP addresses of data channels will not need to match with the IP address of the control channel, permitting the use of FXP while increasing the security risks.

permit_unknown_command (boolean, rw:r)
Default: FALSE
Enable the transmission of unknown commands.

proxy_password (string, n/a:rw)
Default:
The password to be used for proxy authentication given by the user, when inband authentication is used.

proxy_username (string, n/a:rw)
Default:
The username to be used for proxy authentication given by the user, when inband authentication is used.

request (complex, rw:rw)
Default:
Normative policy hash for FTP requests indexed by command name (e.g.: "USER", "PWD" etc.). See also Section 2.1, Policies for requests and responses.

request_command (string, n/a:rw)
Default: n/a
When a request is evaluated on the policy level, this variable contains the requested command.

request_parameter (string, n/a:rw)
Default: n/a
When a request is evaluated on the policy level, this variable contains the parameters of the requested command.

request_stack (complex, rw:rw)
Default:
Hash containing the stacking policy for the FTP commands. The hash is indexed by the FTP command (e.g. RETR, STOR). See also Section 2.3.1, Proxy stacking.

response (complex, rw:rw)
Default:
Normative policy hash for FTP responses indexed by command name and answer code (e.g.: "USER","331"; "PWD","200" etc.). See also Section 2.1, Policies for requests and responses.

response_parameter (string, n/a:rw)
Default:
When a response is evaluated on the policy level, this variable contains answer parameters.

response_status (string, n/a:rw)
Default:
When a response is evaluated on the policy level, this variable contains the answer code.

response_strip_msg (boolean, rw:r)
Default: FALSE
Strip the response message and only send the response code.

strict_port_checking (boolean, rw:rw)
Default: TRUE
If enabled the foreign port is strictly checked: in active mode the server must be connected on port 20, while in any other situation the foreign port must be above 1023.

target_port_range (string, rw:r)
Default: "21"
The port where the client can connect through a non-transparent FtpProxy.

timeout (integer, rw:r)
Default: 300000
General I/O timeout in milliseconds. When there is no specific timeout for a given operation, this value is used.

transparent_mode (boolean, rw:r)
Default: TRUE
Specifies if the proxy works in transparent (TRUE) or non-transparent (FALSE) mode.

username (string, n/a:rw)
Default:
The username authenticated to the server.

valid_chars_username (string, rw:r)
Default: "a-zA-Z0-9._@"
List of the characters accepted in usernames.

Previous Up Next
 Home