Hello, We are trying to use ftp-proxy in our structure and we've noticed the following behaviour with the simple Bind to the Ldap directory. The first simple BIND made to the server ldap (Iplanet) returns the following result according to password. In Ftp-client: - With good user and bad password: result=invalid credentials , it's not ok (normal) - With good user and password : result= succeed (normal) - without password (but good user): result = succeed the proxy continues to process the ftp request (strange!) I read the code of proxy-suite-1.9.2.2, and i write a correction In ftp-ldap.c ligne 184: // Patch Fred Bug mot de passe nul if (*pwd == '\0') { syslog_write(U_ERR, "Bad password"); exit(-1); } I work on various modifications for ftp-proxy (ex: identification with Ldap Group) and that works correctly. But i have one question, i want to create policy rules for destination (not for user) Is it already possible ? For sample: permit: IPserverftp -> for all destination IP ->;cmds=ALLO,APPE,DELE,MKD,RMD,RNFR,RNTO,STOR,STOU And IPserverftp -> 10.0.0.1->;All cmds Cordially -- Cordialement Bourgeois Frédéric Ministère de l'intérieur DSIC/SDIEE/BEERTD/CGN/ Section THESEE Frederic.bourgeois (nospam) @interieur.gouv.fr
participants (1)
-
BOURGEOIS Frederic DSIC BEERTD CGN THESEE