08-24-2004, 07:53 PM
Mouton

Not possible.

[L] PASV
[L] 227 Entering Passive Mode (ip1,port1)
[R] PORT ip1,port1
[R] 200 PORT command successful.
[R] STOR somefile.ext
[R] 150 Opening ASCII mode data connection for somefile.ext.
[L] RETR somefile.ext
[L] 150 Opening ASCII mode data connection for somefile.ext.

If your site is [R], in this case you could simply catch PORT commands, and return an error if ip1 is banned. But the thing is, if it fails that way, the FTP (FXP) client can simply try it the other way around, and it will work:

[R] PASV
[R] 227 Entering Passive Mode (ip2,port2)
[L] PORT ip2,port2
[L] 200 PORT command successful.
[L] STOR somefile.ext
[L] 150 Opening ASCII mode data connection for somefile.ext.
[R] RETR somefile.ext
[R] 150 Opening ASCII mode data connection for somefile.ext.

In this case, there's no way to block ip1, since we don't see it.

If you want to block all transfers to certain IPs, I suggest a firewall. Very simple then, simply add a custom rule to block all traffic to and from that IP.
Done.
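Added example, not part of Mouton's post: a sketch of the server-side check described above, run over the command stream [R] sees in each of the two sessions. The function names, the ban list and the reply wording are assumptions; the PORT argument format (h1,h2,h3,h4,p1,p2) is the one defined in RFC 959.

```python
import ipaddress

# Constructed ban list (documentation range); not taken from the post.
BANNED = [ipaddress.ip_network("203.0.113.0/24")]


def parse_port_arg(arg):
    """Parse the RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (ip, port)."""
    fields = [f.strip() for f in arg.split(",")]
    if len(fields) != 6:
        raise ValueError("PORT needs six comma-separated fields")
    nums = []
    for field in fields:
        if not (field.isascii() and field.isdigit()) or int(field) > 255:
            raise ValueError("bad PORT field: %r" % field)
        nums.append(int(field))
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]


def check_command(line, banned=BANNED):
    """Return an error reply if the command must be refused, else None."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        # PASV, STOR, RETR carry no peer address, so there is nothing to match.
        return None
    try:
        ip, _port = parse_port_arg(arg)
    except ValueError:
        return "501 Syntax error in PORT argument."
    if any(ip in net for net in banned):
        return "500 Illegal PORT command."  # reply wording is an assumption
    return None


def first_refusal(session):
    """Return the first refusal the check produces for a list of commands."""
    for line in session:
        reply = check_command(line)
        if reply is not None:
            return reply
    return None


# Constructed command streams as seen by [R] in the two sessions of the post.
SESSION_R_GETS_PORT = ["PORT 203,0,113,5,19,137", "STOR somefile.ext"]
SESSION_R_GETS_PASV = ["PASV", "RETR somefile.ext"]
```

The first session is refused at the PORT command; the second passes this check because no command sent to [R] names the other site's address.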