FileAnalysis: replace script-layer FTP file analysis.

The notable difference here is that ftp.log now logs by default
the PORT, PASV, EPRT, EPSV commands as well as a separate line for
ftp-data channels in which file extraction was requested.

This difference isn't a direct result of now doing the file extraction
through the file analysis framework, it's just because I noticed even
the old way of tracking extracted-file name didn't work right and this
was the way I came up with so that a locally extracted file can be
associated with a data channel and then that data channel associated
with a control channel.

testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/conn.log

@@ -0,0 +1,14 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	conn
+#open	2013-03-27-17-47-03
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
+#types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	count	string	count	count	count	count	table[string]
+1329843175.736107	arKYeMETxOg	141.142.220.235	37604	199.233.217.249	56666	tcp	ftp-data	0.112432	0	342	SF	-	0	ShAdfFa	4	216	4	562	(empty)
+1329843179.871641	k6kgXLOoSKl	141.142.220.235	59378	199.233.217.249	56667	tcp	ftp-data	0.111218	0	77	SF	-	0	ShAdfFa	4	216	4	297	(empty)
+1329843194.151526	nQcgTWjvg4c	199.233.217.249	61920	141.142.220.235	33582	tcp	ftp-data	0.056211	342	0	SF	-	0	ShADaFf	5	614	3	164	(empty)
+1329843197.783443	j4u32Pc5bif	199.233.217.249	61918	141.142.220.235	37835	tcp	ftp-data	0.056005	77	0	SF	-	0	ShADaFf	5	349	3	164	(empty)
+1329843161.968492	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	tcp	ftp	38.055625	180	3146	SF	-	0	ShAdDfFa	38	2164	25	4458	(empty)
+#close	2013-03-27-17-47-03

testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7-1.dat

@@ -0,0 +1,5 @@
+User-agent: *
+Disallow: *.tgz
+Disallow: *.gz
+Disallow: *.tbz
+Disallow: *.bz2

testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4-0.dat

@@ -0,0 +1,6 @@
+total 98028
+lrwxrwxr-x  1 root  wheel         32 Aug 16  2009 .message -> pub/NetBSD/README.export-control
+drwxr-x--x  3 root  wheel        512 Aug 16  2009 etc
+-rw-rw-r--  1 600   netbsd  50158695 Feb 21 03:10 ls-lRA.gz
+drwxr-xr-x  7 root  wheel        512 Aug 20  2009 pub
+-rw-rw-r--  1 root  wheel         77 Aug 16  2009 robots.txt

testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38-2.dat

@@ -0,0 +1,6 @@
+total 98028
+lrwxrwxr-x  1 root  wheel         32 Aug 16  2009 .message -> pub/NetBSD/README.export-control
+drwxr-x--x  3 root  wheel        512 Aug 16  2009 etc
+-rw-rw-r--  1 600   netbsd  50158695 Feb 21 03:10 ls-lRA.gz
+drwxr-xr-x  7 root  wheel        512 Aug 20  2009 pub
+-rw-rw-r--  1 root  wheel         77 Aug 16  2009 robots.txt

testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk-3.dat

@@ -0,0 +1,5 @@
+User-agent: *
+Disallow: *.tgz
+Disallow: *.gz
+Disallow: *.tbz
+Disallow: *.bz2

testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp.log

@@ -0,0 +1,21 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	ftp
+#open	2013-03-27-17-47-03
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	user	password	command	arg	mime_type	mime_desc	file_size	reply_code	reply_msg	tags	data_channel.passive	data_channel.orig_h	data_channel.resp_h	data_channel.resp_p	extraction_file
+#types	time	string	addr	port	addr	port	string	string	string	string	string	string	count	count	string	table[string]	bool	addr	addr	port	string
+1329843175.680248	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	PASV	-	-	-	-	227	Entering Passive Mode (199,233,217,249,221,90)	(empty)	T	141.142.220.235	199.233.217.249	56666	-
+1329843175.791528	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	LIST	-	-	-	-	226	Transfer complete.	(empty)	-	-	-	-	-
+1329843179.815947	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	PASV	-	-	-	-	227	Entering Passive Mode (199,233,217,249,221,91)	(empty)	T	141.142.220.235	199.233.217.249	56667	-
+1329843193.984222	arKYeMETxOg	141.142.220.235	37604	199.233.217.249	56666	<ftp-data>	-	-	-	-	-	-	-	-	(empty)	-	-	-	-	ftp-item-Rqjkzoroau4-0.dat
+1329843193.984222	k6kgXLOoSKl	141.142.220.235	59378	199.233.217.249	56667	<ftp-data>	-	-	-	-	-	-	-	-	(empty)	-	-	-	-	ftp-item-BTsa70Ua9x7-1.dat
+1329843179.926563	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	RETR	ftp://199.233.217.249/./robots.txt	text/plain	ASCII text	77	226	Transfer complete.	(empty)	-	-	-	-	-
+1329843194.040188	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	PORT	141,142,220,235,131,46	-	-	-	200	PORT command successful.	(empty)	F	199.233.217.249	141.142.220.235	33582	-
+1329843194.095782	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	LIST	-	-	-	-	226	Transfer complete.	(empty)	-	-	-	-	-
+1329843197.672179	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	PORT	141,142,220,235,147,203	-	-	-	200	PORT command successful.	(empty)	F	199.233.217.249	141.142.220.235	37835	-
+1329843199.968212	nQcgTWjvg4c	199.233.217.249	61920	141.142.220.235	33582	<ftp-data>	-	-	-	-	-	-	-	-	(empty)	-	-	-	-	ftp-item-VLQvJybrm38-2.dat
+1329843197.727769	UWkUyAuUGXf	141.142.220.235	50003	199.233.217.249	21	anonymous	test	RETR	ftp://199.233.217.249/./robots.txt	text/plain	ASCII text, with CRLF line terminators	77	226	Transfer complete.	(empty)	-	-	-	-	-
+1329843200.079930	j4u32Pc5bif	199.233.217.249	61918	141.142.220.235	37835	<ftp-data>	-	-	-	-	-	-	-	-	(empty)	-	-	-	-	ftp-item-zrfwSs9K1yk-3.dat
+#close	2013-03-27-17-47-03