Then you can connect to arbitrary FTP servers (which may be
outside of firewall) via this FTP-proxy.
internal% ftp
ftp> open firewall 8021
220- firewall PROXY-FTP server (DeleGate/6.1.0) ready.
220- @ @
220- ( - ) { DeleGate/6.1.0 (February 3, 2000) }
...
220- --
220- You can connect to a SERVER by `user' command:
220- ftp> user username@SERVER
220- or by `cd' command (after logged in as an anonymous user):
220- ftp> cd //SERVER
220- Cache is enabled by default and can be disabled by `cd .' (toggle)
220- This (proxy) service is maintained by 'admin@your.domain'
220
Name (yourhost:yourname): ftp@ftp1
331-- USER for ftp@ftp1.
220- ftp1 FTP server ready.
331- Guest login ok, send your complete e-mail address as password.
331-- @ @
331 \( - )/ -- { connected to `ftp' }
Password: me@my.domain
230 Guest login ok, access restrictions apply.
ftp> cd //ftp2
250-- CWD for ftp@ftp2
220- ftp2 FTP server ready.
230- Guest login ok, access restrictions apply.
250-- @ @
250 \( - )/ -- { connected to `ftp2' }
ftp>
Note: The majority of ftp clients can allow to specify the port
number of FTP at command line like: internal% ftp firewall 8021
The url-path in the URL of FTP (as ftp://server/url-path) is interpreted
as the relative path from the login-directory of a user (RFC1738).
The absolute path from the root directory in the server is to be represented
as ftp://server/%2Fabs-url-path where "%2F" represents the url-encoded
string of "/" for the root directory.
In the case of MOUNT for non-anonymous FTP (and sftp) server, it is usual
that a login-directory is not the root directory in the server.
In the above examples of MOUNTs, the first one shows only the directory tree
under a login-directory while the second one shows the whole directory tree
under the root.
This becomes necessary to allow users to access to the whole directory
and/or to do cache data of non-anonymous users.
The third one with "logindir" option shows the whole tree but the current
directory right after login is set to the login-directory.
A LPR/FTP-DeleGate allows FTP clients to access to remote printers;
printing a file by FTP file uploading and
showing a printer status by FTP directory listing.
MountOption "readonly" will inhibits listing the status.
"RELAY=no" prohibits the DeleGate to work as a proxy FTP server.
Writing to the file is disabled by default in origin FTP-DeleGate.
You need to specify "rw" (read/write) as a mount option to
MOUNT points to be writable, like MOUNT="/xxx/* /yyy/* rw".
Retrieving the whole contents under a specified directory and
returning it as a single file in tar format
by "RETR directory.tar" command is supported to be
enabled by adding "tar" to the REMITTABLE list like REMITTABLE="+,tar".
disables XDC mode for data transmission on control connection.
rawxdc
transmit data without encoding into BASE64 on XDC mode
If a ftpControl listed above is followed by ":sv" or ":cl" like "nopasv:sv"
for example, the ftpControl is applied only for server side
or client side respectively.
rl -- reject FTP Bounce from specific clients in combination with REJECT="ftp-bounce:*:clientHost" parameter
forcexdc
enables XDC mode even if the destination server is on the same host
proxyauth
enables authentication and authorization as a proxy FTP server.
A username as user@server is decomposed into
user and server and used for matching in
AUTHORIZER as
AUTHORIZER=-list{user:pass}(reprUser):ftp:server".
Also it enables generation of authentication information to be forwarded
to the server by MYAUTH as
MYAUTH="genuser:genpass:ftp:server:-a/user@*".
servon=init|user|pass
select the timing of connection establishment to the MOUNTed server.
By default, the connection to a server is initiated on the command
from the client, of which argument selects the MOUNT point, after
the authentication finished (with USER and PASS).
servon="init" forces immediate connection to a server on the client
connection and doing authentication by the server (as SERVER=ftp://server).
"user" or "pass" specifies connecting to a server on "USER" or "PASS"
command respectively.
usdelim:{setOfDelimiters}
-- default: FTPCONF="usdelim:*%#"
a set of delimiters usable in place of "@" in "user@site",
ex. "ftp://user*server@proxy" or "ftp://anonymous:name*domain@server".
hideserv
-- hide server's identification
Don't relay the opening message from the server to client which may
include the identification information about the server.
nounesc
-- disables unescaping %XX notation in arguments to the server.
If this option is not specified, %XX notation included in arguments
representing path, like "%2Fhome/" for example, is unescaped by default.
FTPCONF can be applied on a specific condition by specifying it
as a MountOption like
MOUNT="vURL rURLFTPCONF=ftpConf"
or with CMAP
like CMAP=ftpConf:FTPCONF:connMap.
The format of PROTOLOG for FTP protocol is so called xferlog(5)
which is compatible with that of "wu-ftp".
Each line of xferlog consists of following elements (in a single line).
transferTime is the total time in seconds for the transfer.
transferType is either "a" (ascii) or "b" (binary).
specialActionFlag is always "_" (none) in the current implementation.
direction is either "o" (outgoing) or "i" (incoming).
accessMode is either "a" (anonymous) or "r" (real user).
userName is e-mail address with accessMode "a",
or a real user name with accessMode "r".
serviceName is always "ftp" in the current implementation.
authenticationMethod is either "0" (none) or "1" (RFC1413 Authentication).
authenticatedUserID is the user id got via the authenticationMethod
or "*" without authentication.
DeleGateStatus is one of "L" (local file), "H" (cache hit),
"N" (cache miss).
Example:
Mon Feb 28 15:32:15 2000 13 proxy.xyz.co.jp
182558 /ftp/pub/DeleGate/Manual.htm a _ o a
webmaster@xyz.co.jp ftp 0 * L