WU-FTPD 2.6.1 Release Notes for HP-UX 11i v1, HP-UX 11i v2 and HP-UX 11i v3

• Enhanced DNS Extensions

You can use this feature to refuse (or override) an FTP session when a reverse DNS

lookup fails.

The syntax for the enhanced DNS extension feature is as follows:

dns refuse_mismatch <filename> [ override ]

dns refuse_no_reverse <filename> [ override ]

dns resolveroptions <options>

• Reported Address Control

This feature enables you to impose control on the address reported in response to

a PASVcommand and on the TCP port numbers that can be used for a passive data

connection. When a control connection matching the classless inter-domain routing

(cidr) requests a passive data connection (PASV), the externalip address is

reported.

The syntax for controlling the reported address is as follows:

passive address <externalip> <cidr>

passive ports <cidr> <min> <max>

Example 1-2 The passive Clause

The following is an example of a passive clause:

passive address 10.0.1.15 10.0.0.0/8

In this example, clients connecting from the class A network - 10 are informed that

the passive connection is listening on the IP address 10.0.1.15.

passive ports 10.0.0.0/8 90 100

In this example, if a control connection from the class A network - 10 exits, the

port range within 90 and 100 is randomly selected for the daemon to listen.

NOTE: You cannot control the reported address in an IPv6 environment.

• PORT and PASV Data Connection

This feature enables the site administrator to selectively allow PORT and PASV

data connections. Usually a connection is not established if the remote IP address

of the data connection does not match the remote IP address of the control

connection data. You can specify multiple passive addresses to handle complex

or multi-gateway networks.

The syntax for selectively allowing PORT and PASV data connections is as follows:

pasv-allow <class> [ addrglob ...]

port-allow <class> [ addrglob ...]

34 WU-FTPD 2.6.1 Release Notes