Managing FTP Connections
This sample TrafficScript rule manages incoming FTP connections. It implements a proxy for the login stage, waiting until the remote user has provided a suitable user name and password.
When using this rule, configure it as a “run every time” request rule:
$req = string.trim( request.endswith( "\n" ) );
if( string.regexmatch( $req, "USER (.*)" ) ) {
connection.data.set( "user", $1 );
$msg = "331 Password required for ".$1."!!\r\n";
request.sendresponse( $msg );
break;
}
if( !string.regexmatch( $req, "PASS (.*)" ) ) {
# Are we connected?
if( connection.getNode() ) { break; }
request.sendresponse( "530 Please log in!!\r\n" );
break;
}
$user = connection.data.get( "user" );
$pass = $1;
# In this case, we'll permit any password that is
# the uppercase version of the username
# Do your own authentication here; for example,
# call a remote server with http.request.get
if( string.uppercase( $user ) != $pass ) {
request.sendresponse(
"530 Incorrect user or password!!\r\n" );
break;
}
# now, replay the correct request against a new
# server instance, disconnecting from any FTP server
# we are already connected to
response.close();
connection.data.set( "state", "connecting" );
request.set(
"USER anonymous\r\nPASS ".$user."\r\n" );
# select the pool we want...
if( $user == "[email protected]" ) {
pool.select( "Traffic Manager FTP pool" );
}
if( $user == "[email protected]" ) {
pool.select( "Customer FTP pool" );
}
# the default pool is 'discard', so other users
# are dropped
To use this rule, configure it as a “run every time” response rule:
if( connection.data.get("state") == "connecting" ) {
# We've just connected. Slurp the first line
# (the serverfirst banner), the second line (the
# 331 need password) and then replace the
# serverfirst banner
$first = response.getLine();
$second = response.getLine( "\n", $1 );
$remainder = string.skip( response.get(), $1 );
response.set( $first.$remainder );
connection.data.set( "state", "" );
}
Remember to configure a server-first banner for the FTP Virtual Server.