Vadim_Tugai_951
Mar 16, 2005Nimbostratus
FTP reverse-proxy
Has anyone tried to use F5 (v9) as an FTP reverse proxy?
We use F5 as a reverse-proxy for HTTP and would like to cover FTP traffic as well (validating the L5-L7 traffic to confirm that it is really FTP).
Have there been any FTP-specific iRule command-sets defined (similar in functionality to to the HTTP:: commands).
Ideally such FTP command-set would:
- support both passive and active FTP (while F5 acts as a full application-layer FTP proxy)
- analyse/validate FTP application traffic across both FTP sessions (control and data)
- have an ability to limit FTP commands that can be used for certain FTP directories (eg. if a directory is read-only - only "ls", "get" and "mget" should be allowed)
- proxy the user authentication to the end-server while providing filtering (eg. in some cases a user "anonymous" should be blocked at the proxy level)