Mike Leone on 21 Apr 2010 07:13:09 -0700



Re: [PLUG] Advice needed on collecting files from FTP site


JP Vossen had this to say:
>> Date: Tue, 20 Apr 2010 15:38:00 -0400
>> From: Mike Leone <turgon@mike-leone.com>
>>
>> So here's my situation - I have a Linux server set up in a DMZ, running 
>> VSFTP. Each FTP account is chrooted. We will be using this for vendors 
>> to send us invoices, etc.
> 
> FTP, yuck...  (Had to be said.)

Not really, it didn't, no. :-)

> 1) You need to consider what happens if you do your 
> collect/zip/move/delete part while someone is uploading a file.  Sure 
> you can run your part in the middle of the night, and that'll work fine 
> until someone works late, in a different time zone, or automates their 
> part too.

Then they re-send, at a more convenient time. :-) Seriously, the 
possibility is very remote. And if it is, then we cope. This is 
(supposed to be) a temporary solution.

> 2) A DMZ machine should have very strictly limited ability to connect 
> *in* to the LAN, else what's the point.  So having that machine initiate 
> the connection into the LAN is sub-optimal.

Having the vendors transfer in invoices directly into the trusted LAN is 
even less optimal. :-) And I'd really prefer them not emailing the 
invoice as an attachment, which is what some of them *will* do ... I 
suppose I could reach out from the trusted LAN and get the files, as you 
later suggest.

> 3) If you run from cron on the DMZ machine, you really need to allow 
> email from that machine for cases where the job messes up.  But per #2, 

I'd email statuses regardless of whether it messed up or not.

> So, I'd do something like this.

Great suggestions; I will consider this. However, the FTP is a stopgap, 
until our developers get this sort of transfer working from a secure web 
page accessible to the vendors. And I will deliberately keep it simple 
and primitive (yet still working and hopefully secure), because I do not 
want them relying on this method from now until the end of time ...


Thanks!

> As noted all of that code is untested.  Also, the script has two 'echo' 
> commands in the place it would actually do something.  Fiddle with it 
> and make sure it works if you try to use it, then remove the echos.
> 
> For some primitive sanity checking try: bash -n {script}
> For debugging the script try: bash -x {script}
> Once it works chmod it executable.
> 
> 
> Good luck & hope this is useful,

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
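
Added example (not part of the original message and not JP Vossen's script): a POSIX shell function for the concern in point 1, moving only files whose mtime is older than a threshold so an upload still in progress is left alone. The function name `collect_settled`, the directory layout and the 5-minute default are assumptions; mtime age is a heuristic rather than a lock, and `-mmin` needs GNU or BSD find.

```shell
#!/bin/sh
# Added example, not from the thread. Names and paths are assumptions.
# collect_settled SRC_DIR DEST_DIR [MIN_AGE_MINUTES]
# Moves files under SRC_DIR whose mtime is more than MIN_AGE_MINUTES old into
# DEST_DIR (same relative path) and prints how many were moved.
# Files still being written keep a fresh mtime, so they are left in place.
collect_settled() (
    src=${1%/} dest=${2%/} min_age=${3:-5}
    [ -d "$src" ] || { echo "no such upload dir: $src" >&2; return 2; }
    case $min_age in
        ''|*[!0-9]*) echo "bad age: $min_age" >&2; return 2 ;;
    esac
    mkdir -p "$dest" || return 2

    # -mmin is a GNU/BSD find extension. The inner sh gets the file names as
    # arguments, so spaces or newlines in vendor file names are harmless.
    find "$src" -type f -mmin +"$min_age" -exec sh -c '
        src=$1 dest=$2; shift 2
        for f do
            rel=${f#"$src"/}
            target=$dest/$rel
            mkdir -p "$(dirname "$target")" || continue
            # Never overwrite a file collected earlier under the same name.
            [ -e "$target" ] && { echo "skip, exists: $rel" >&2; continue; }
            mv -- "$f" "$target" && echo moved
        done
    ' sh "$src" "$dest" {} + | wc -l | tr -d " "
)
```

The staging directory is meant to sit outside the FTP chroots, so that a job on the trusted LAN can fetch from it rather than the DMZ host connecting inward.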