[squid-users] RV: squid

javier perez javier.perez at accelya.com
Thu Jun 15 11:38:27 UTC 2017


>> I installed squid(3.5.20) on CentOS 7 minimal to perform as an ftp-proxy.
>>
>> My configuration file looks like this:

>...snip...
snip?

>> acl SSL_ports port 443 21

>Er, what?

>Why are you specifying port 21 as SSL?

I saw many guides that ask for it e.g. 
https://unix.stackexchange.com/questions/15484/connecting-to-ftp-sites-via-squid

I understand that it's in order to apply ACLs to those ports invoking 
"SSL_ports".

>> ftp_passive off

>...snip...
snip?

>> The thing is that the parameter "ftp_passive off" seems not to be 
>> working.

>> The connection works fine with the remote hosts, the login works, but
>> I have to enter "passive" every single time to swap the mode to 
>> non-passive.

>Surely the option merely tells Squid whether to allow active or passive FTP 
>connections - it doesn't tell the client application what to ask for.

>"ftp_passive off" should mean that you can't do passive FTP through the 
>Squid server, but it won't stop the client application from trying.

>You need to tell the client system/s always to use active FTP (which will 
>go through Squid) - Squid can't do that for you - it will simply allow or 
>block whatever requests come its way.

The thing is that my destination hosts are only listening on port 21 
(active) and my source hosts have the passive mode disabled...

Here you have an example of some other weird stuff:

With a Windows host (passive mode disabled) I do an ftp through CMD to my 
proxy, then I enter user@host (this host accepts active and passive mode), I 
enter the password, Access granted. But when I try dir/ls the host 
disconnects me.
But if I remove "ftp_passive off" it works!! Nonsense to me...

Thank you Anthony for your quick answer.

Regards



