Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-06 22:30:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

add a global whitelist

Browse Source 
if defined only the listed IPs/networks can access the configured
services, all other client connections will be dropped before they
even try to authenticate

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2022-03-17 22:10:52 +01:00
parent 03da7f696c
commit d9f30e7ac5
12 changed files with 196 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ftpd/server.go
View File

@@ -151,8 +151,8 @@ func (s *Server) ClientConnected(cc ftpserver.ClientContext) (string, error) {
return "Access denied: banned client IP", common.ErrConnectionDenied
}
if !common.Connections.IsNewConnectionAllowed(ipAddr) {
logger.Log(logger.LevelDebug, common.ProtocolFTP, "", "connection refused, configured limit reached")
return "Access denied: max allowed connection exceeded", common.ErrConnectionDenied
logger.Log(logger.LevelDebug, common.ProtocolFTP, "", fmt.Sprintf("connection not allowed from ip %#v", ipAddr))
return "Access denied", common.ErrConnectionDenied
}
_, err := common.LimitRate(common.ProtocolFTP, ipAddr)
if err != nil {