I got FTP reverse proxy working.. using the standard FTP profile (supports active and passive, no iRule needed) The authentication is done at the backend by default.
Some of iRule functionality you want, IE: filtering, I can help you with.
As for validating whether it is actual FTP traffic, what are you concerned about? (Give me an example of non-ftp traffic that you would want to block)
The ability to limit commands can probably be done but it is probably more than I want to bite off.
Feel free to contact me if you need any help.
Cheers,
Brian