ftp server acl
Use ftp server acl to use an ACL to control FTP clients' access to the FTP server.
Use undo ftp server acl to restore the default.
Syntax
ftp server acl { acl-number| ipv6 ipv6-acl-number }
undo ftp server acl [ ipv6 ]
Default
No ACL is used to control FTP clients' access to the FTP server.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
acl-number: Specifies an IPv4 ACL number in the range of 2000 to 3999.
ipv6 ipv6-acl-number: Specifies an IPv6 ACL number in the range of 2000 to 3999.
Usage guidelines
You can use this command to permit only FTP requests from specific FTP clients. This configuration takes effect only for FTP connections to be established. It does not impact existing FTP connections. If you execute the command multiple times, the most recently specified ACL takes effect.
Examples
# Use ACL 2001 to allow only client 1.1.1.1 to access the FTP server.
<Sysname> system-view [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule 0 permit source 1.1.1.1 0 [Sysname-acl-basic-2001] rule 1 deny source any [Sysname-acl-basic-2001] quit [Sysname] ftp server acl 2001