FTPS_SSL_ Termination
Problem this snippet solves: This iRule is meant to act as a full FTPS termination rule that behaves similarly to HTTPS termination. It forces either an implicit (port 990 by default) or explicit (p...
Published Mar 17, 2015
Version 1.0
bob_ziuchkovsk1
Nimbostratus
Joined October 12, 2010
steffen
Oct 13, 2022
Nimbostratus
Hey @bob_ziuchkovsk1,
thanks for your FTPS iRule.
There are still a few small things that need to be adjusted to make it work.
1. The same variable again, "static::pasv_max_port", is incorrect; it is already in use.
2. To use this iRule on multiple virtual servers, it needs to be a little more dynamic.
# -- REMOVE OLD --
# Vserver IP to advertise for incoming PASV data channel connections
# NOTE: the commas are NOT a typo. This is the format used by FTP protocol
set static::pasv_max_port "10,0,0,46"
# -- ADD (under "when CLIENTSSL_DATA" ) --
# uses the known virtual server IP address (client context)
# connection-local variables instead of static:: ones, which are shared by
# every connection and virtual server and would be overwritten between them
set vserverip [IP::local_addr]
set vserverip_comma [string map {. ,} $vserverip]
# -- CHANGE ( under "when SERVER_DATA" ) --
# responding with the virtual server IP address
set pasv_response "227 Entering Passive Mode ($vserverip_comma,$our_pasv_str)\r\n"
Tested this on Version: 16.1
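The 227 reply format that the change above depends on, as an added example in plain Tcl; it is not part of the original iRule or of the comment above. The proc names and the backend reply are constructed for illustration, and the example assumes `$our_pasv_str` in the iRule holds the `p1,p2` port pair.

```tcl
# Added example in plain Tcl (8.4 compatible, no iRule commands); proc names are hypothetical.

# Convert a dotted IPv4 address to the comma form used inside a 227 reply.
proc ip_to_pasv {ip} {
    if {![regexp {^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$} $ip -> a b c d]} {
        error "not an IPv4 address: $ip"
    }
    foreach octet [list $a $b $c $d] {
        scan $octet %d n                ;# scan avoids octal parsing of "010"
        if {$n > 255} { error "octet out of range in $ip" }
    }
    return [string map {. ,} $ip]
}

# Encode a TCP port as the "p1,p2" pair, where port = p1*256 + p2.
proc port_to_pasv {port} {
    if {![string is integer -strict $port] || $port < 1 || $port > 65535} {
        error "invalid port: $port"
    }
    return "[expr {$port / 256}],[expr {$port % 256}]"
}

# Decode the data port from a backend 227 reply; returns -1 if the reply is malformed.
proc pasv_port {reply} {
    set re {^227 [^(]*\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)}
    if {![regexp $re $reply -> h1 h2 h3 h4 p1 p2]} { return -1 }
    scan $p1 %d hi
    scan $p2 %d lo
    if {$hi > 255 || $lo > 255} { return -1 }
    return [expr {$hi * 256 + $lo}]
}

# Build the client-facing reply: virtual server IP plus the data port to advertise.
proc rewrite_pasv {vserver_ip data_port} {
    return "227 Entering Passive Mode ([ip_to_pasv $vserver_ip],[port_to_pasv $data_port])\r\n"
}

# Constructed sample: a backend reply carrying an internal address, rewritten
# so the client is told to connect to the virtual server address instead.
set backend_reply "227 Entering Passive Mode (192,168,10,20,39,16)\r\n"
set port [pasv_port $backend_reply]
puts "backend data port: $port"
puts -nonewline [rewrite_pasv 10.0.0.46 $port]
```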