SonicOS 7 Rules and Policies

Blocking FTP Commands

You can use App Rules to ensure that your FTP server is read-only by blocking commands such as put, mput, rename_to, rename_from, rmdir, and mkdir. This use case shows a match object containing only the put command, but you could include all of these commands in the same match object.

To block FTP commands

  1. Create a match object that matches on the put command. Because the mput command is a variation of the put command, a match object that matches on the put command is also matched on the mput command.

  2. Optionally, you can create a customized FTP notification action that sends a message to the client; for example:

  3. Create a policy that references this match object and action. If you prefer to simply block the put command and reset the connection, you can select the Reset/Drop action when you create the policy.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.