Internet Security Professional Reference: How to Build a Firewall


A second means of specifying the remote system through the proxy is the passerve servername option, which causes the proxy to connect immediately to the specified remote system. This is useful for supporting modified FTP clients that “understand” the proxy.

Options

-a autheduser

This option is provided for versions of ftpd that may exec() the proxy when given a user@host type address, where the user has already authenticated to the ftpd. If this option is provided, ftp-gw treats the session as if it has been authenticated for the specified user. If this option is enabled, care should be taken to ensure that the FTP gateway is running on a host with restricted access, to prevent local users from attempting to spoof the authentication. The version of ftpd used should only pass this parameter when the user has been adequately authenticated.

-u user@host

This option enables a user@host destination to be passed directly to the proxy, for versions of ftpd that recognize user@host addresses.

ftp-gw reads its configuration rules and permissions information from the firewall configuration table netperm-table, and retrieves all rules specified for “ftp-gw.” The following configuration rules are recognized:

userid user

These rules specify a numeric user-id or the name of a password file entry. If this value is specified, ftp-gw will set its user-id before providing service. Note that this option is included mostly for completeness; ftp-gw performs no local operations that are likely to introduce a security hole.

To specify a directory to which ftp-gw will chroot(2) prior to providing service, use the command:

directory pathname

The name of a file to display to the remote user if he or she is denied permission to use the proxy is entered with the command:

denial-msg filename

If this option is not set, a default message is generated. When the denial-msg file is displayed to the remote user, each line is prefixed with the FTP codes for permission denied.

To specify the name of a file to display as a welcome banner upon successful connection, use the command:

welcome-msg filename

If this option is not set, a default message is generated. The help command can also be used to display a particular file you want to use for help. To specify the file to use if help is issued, use the command:

help-msg filename

If this option is not set, a list of the internal commands is printed.

To specify the name of a file to display if a user attempts to connect to a remote server for which he or she is restricted, use the command:

denydest-msg filename

If this option is not set, a default message is generated.

The following command specifies the idle timeout value in seconds:

timeout seconds

When the specified number of seconds elapses with no activity through the proxy server, it will disconnect. If this value is not set, no timeout is enforced.

The following rules specify host and access permissions:

hosts host-pattern [host-pattern2 …] [ options ]

Typically, a hosts rule will be in the form of:

ftp-gw:  deny-hosts unknown
ftp-gw:  hosts 192.33.112.* 192.94.214.* -log { retr stor }

There may be several host patterns following the “hosts” keyword, ending with the first optional parameter beginning with “-.” Optional parameters permit the selective enabling or disabling of logging information. Sub-options include:

  -noinput. Specifies that no matter what, the proxy should not accept input over a PORT. Attempts to do so result in the port being closed.
  -nooutput. Specifies that no matter what, the proxy should not transmit output over a PORT. Attempts to do so result in the port being closed.
  -log. Specifies that a log entry to the system log should be made whenever the listed operations are performed through the proxy. (See ftpd for a list of known FTP operations.) The format is as follows:
-log operation
-log { operation1 operation2 … }
  -authall. Specifies that the proxy should permit no operation (other than the quit command) until the user has authenticated to the server.
  -auth. Specifies that the operations listed should not be permitted until the user has authenticated to the server. The format is as follows:
-auth operation
-auth { operation1 operation2 … }
  -dest. Specifies a list of valid destinations. If no list is specified, all destinations are considered valid. The -dest list is processed in the order it appears on the options line, and -dest entries preceded with a “!” character are treated as negation entries. The format is as follows:
-dest pattern
-dest { pattern1 pattern2 … }
  The following rule permits connections to any host that is not in the domain “mit.edu”:
-dest !*.mit.edu -dest *
  -deny. Specifies a list of FTP operations to deny. By default, all operations are permitted. The format is as follows:
-deny operation
-deny { operation1 operation2 … }
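As an added illustration (not code from the book or from the ftp-gw toolkit itself), the following Python evaluates a constructed netperm-table fragment the way the hosts rules above describe: the first matching hosts or deny-hosts pattern decides, -dest entries are tried in the order written with “!” as negation, -deny blocks listed operations, and -auth/-authall require authentication first. The function names and the sample table are assumptions made for this example.

```python
import fnmatch
# Constructed netperm-table fragment in the format this chapter describes.
NETPERM_TABLE = """
ftp-gw: deny-hosts unknown
ftp-gw: hosts 192.33.112.* 192.94.214.* -log { retr stor } -dest !*.mit.edu -dest * -deny { site }
ftp-gw: hosts 10.1.* -authall
"""

def parse_options(tokens):
    # Group "-opt value" and "-opt { v1 v2 ... }" into (opt, values) pairs, keeping order.
    opts, i = [], 0
    while i < len(tokens):
        if i + 1 < len(tokens) and tokens[i + 1] == "{":
            end = tokens.index("}", i + 2)      # raises ValueError on an unclosed brace
            opts.append((tokens[i], tokens[i + 2:end]))
            i = end + 1
        elif i + 1 < len(tokens) and not tokens[i + 1].startswith("-"):
            opts.append((tokens[i], [tokens[i + 1]]))
            i += 2
        else:  # bare flag such as -authall or -noinput
            opts.append((tokens[i], []))
            i += 1
    return opts

def parse_rules(text):
    # Keep "ftp-gw:" hosts/deny-hosts lines; host patterns end at the first "-" token.
    rules = []
    for line in text.splitlines():
        t = line.split()
        if len(t) < 3 or t[0] != "ftp-gw:" or t[1] not in ("hosts", "deny-hosts"):
            continue
        n = next((k for k, tok in enumerate(t[2:]) if tok.startswith("-")), len(t) - 2)
        rules.append((t[1], t[2:2 + n], parse_options(t[2 + n:])))
    return rules

def check(rules, client, dest, op, authenticated=False):
    # Returns "ok" or the reason for refusal. Pass client="unknown" when reverse DNS failed.
    rule = next((r for r in rules if any(fnmatch.fnmatchcase(client, p) for p in r[1])), None)
    if rule is None or rule[0] == "deny-hosts":
        return "host denied"  # no matching rule, or the first match is a deny-hosts rule
    opts = rule[2]
    vals = lambda name: [v for n, vs in opts if n == name for v in vs]
    dests = vals("-dest")  # tried in order; a "!" prefix negates; no list means all valid
    hit = next((p for p in dests if fnmatch.fnmatchcase(dest, p.lstrip("!"))), None)
    if dests and (hit is None or hit.startswith("!")):
        return "destination denied"
    if op in vals("-deny"):
        return "operation denied"
    needs_auth = op in vals("-auth") or (any(n == "-authall" for n, _ in opts) and op != "quit")
    return "ok" if authenticated or not needs_auth else "authentication required"
```

Running check() over the sample table with a client from 192.33.112.* shows ftp.mit.edu refused by the negated -dest entry while other destinations pass, and a client from 10.1.* refused everything but quit until it authenticates.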

