FTP-Proxy: General Settings

In the FTP-Proxy General Settings, you can set basic FTP parameters.


  1.
    1. Select Firewall > Proxy Actions.
      The Proxy Action page opens.
    2. Select the proxy action to edit.
    3. Click Edit.
  2. In the FTP Proxy Action Configuration, select General.

Screen shot of the Edit Proxy Action page for an FTP proxy action - General tab
FTP-Proxy Proxy Action general settings in Fireware Web UI


  1. Select Setup > Actions > Proxies.
    The Proxy Action dialog box opens.
  2. Select the proxy action to edit.
  3. Click Edit.
  4. Select General.

Screen shot of the FTP Proxy Action Configuration General page
FTP-Proxy Proxy Action general settings in Policy Manager

  1. To set limits for FTP parameters, select the applicable check boxes. These settings help to protect your network from buffer overflow attacks.

Set the maximum user name length to

Sets a maximum length for user names on FTP sites.

Set the maximum password length to

Sets a maximum length for passwords used to log in to FTP sites.

Set the maximum file name length to

Sets the maximum file name length for files to upload or download to FTP sites.

Set the maximum command line length to

Sets the maximum length for command lines used on FTP sites.

Set the maximum number of failed logins per connection to

Allows you to limit the number of failed connection requests to your FTP site. This can protect your site against brute force attacks.

Set the maximum time period for failed logins

Allows you to set the time interval allowed (in seconds) for the maximum number of failed login attempts to your FTP site.

  1. In the text box for each setting, type or select the limit for the selected parameter.
  2. For each setting, select or clear the Auto-block check box.
    If a user tries to connect to an FTP site and exceeds a limit that you have selected to auto-block, the computer that sent the commands is added to the temporary Blocked Sites List.
  3. To create a log message for each transaction, select the Enable logging for reports check box.
    You must select this option to get detailed information on FTP traffic.

  4. To specify the diagnostic log level for all proxy polices that use this proxy action, select the Override the diagnostic log level for proxy policies that use this proxy action check box.

    From the Diagnostic log level for this proxy action drop-down list, select a log level:

    • Error
    • Warning
    • Information
    • Debug

    The log level you select overrides the diagnostic log level that is configured for all log messages of this proxy policy type.

    For more information about the diagnostic log level, go to Set the Diagnostic Log Level.

  5. To change settings for other categories in this proxy, see the topic for the next category you want to modify.
  6. Save your settings.

If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.

For more information on predefined proxy actions, go to About Proxy Actions.

To see IP addresses that are blocked when the limits you set on FTP parameters have been exceeded, you can review your log messages, or you can connect to your device with Firebox System Manager and view the Blocked Sites list and Traffic Monitor. From there you can see which IP addresses were blocked and why, and unblock the sites as appropriate. For more information about the Blocked Sites list and Traffic Monitor, go to Manage the Blocked Sites List (Blocked Sites) and Blocked Sites and Traffic Monitor.

Related Topics 

About the FTP-Proxy