From owner-freebsd-net@FreeBSD.ORG Mon Jul 17 17:58:34 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9AFD116A4DF; Mon, 17 Jul 2006 17:58:34 +0000 (UTC) (envelope-from mi+mx@aldan.algebra.com) Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id A91B943D46; Mon, 17 Jul 2006 17:58:33 +0000 (GMT) (envelope-from mi+mx@aldan.algebra.com) Received: from corbulon.video-collage.com (static-151-204-231-237.bos.east.verizon.net [151.204.231.237]) by aldan.algebra.com (8.13.6/8.13.6) with ESMTP id k6HHwLck041417 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 17 Jul 2006 13:58:31 -0400 (EDT) (envelope-from mi+mx@aldan.algebra.com) Received: from [172.21.130.86] (mx-broadway [38.98.68.18]) by corbulon.video-collage.com (8.13.6/8.13.6) with ESMTP id k6HHwFaU019730 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 17 Jul 2006 13:58:16 -0400 (EDT) (envelope-from mi+mx@aldan.algebra.com) From: Mikhail Teterin Organization: Virtual Estates, Inc. To: "David J. Orman" Date: Mon, 17 Jul 2006 13:58:09 -0400 User-Agent: KMail/1.9.1 References: <200607171306.01882.mi+mx@aldan.algebra.com> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-u" Content-Transfer-Encoding: 8bit Content-Disposition: inline Message-Id: <200607171358.09943.mi+mx@aldan.algebra.com> X-Virus-Scanned: ClamAV 0.88/1600/Sat Jul 15 11:03:46 2006 on corbulon.video-collage.com X-Virus-Status: Clean X-Scanned-By: MIMEDefang 2.43 Cc: isp@freebsd.org, net@freebsd.org Subject: Re: forcing FTP-uploaded files to be of certain types only X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jul 2006 17:58:34 -0000 понед╕лок 17 липень 2006 13:51, David J. Orman написав: > The stock ftp server? If you can't base the prohibitions on file extension > alone (such as the 100kb example you made) then you're going to have to > modify the source of the ftp daemon yourself. Size, extension, etc - those > are relatively easy limits to impliment. Actual file typing by examination > of the first 100kb isn't easy, and it isn't part of the core functionality > AFAIK. You'll have to write that. In fact, I'm not aware of any ftp server > that does what you're asking. I was hoping for some sort of plugin-API for the server... Determining the file's type is not really hard -- file(1) does just that. I'm not looking to prevent _malicious_ users -- just the ignorant ones. We don't mind LARGE files -- some of those are legitimate. We just want them to be compressed before being uploaded. In fact, checking for this is even easier, than the usual byte-sniffing done by file(1) -- just try to compress those first 100K. If the result is smaller than 50K, the whole gets rejected :-) > Maybe it would be better to examine files periodically that were uploaded > via a simple program, and anything that isn't allowed, destroy. No, destruction is not an option :-) > You could also make it compress things that weren't compressed to begin > with, etc etc etc. Yeah, and we are doing that now -- kind of. But I would like an educational message sent to the uploader instead: "Transfer aborted: please compress large files before uploading"... -mi