[squid-users] RV: squid
Matus UHLAR - fantomas
uhlar at fantomas.sk
Thu Jun 15 12:50:49 UTC 2017
>On Thursday 15 June 2017 16:22:44 javier perez wrote:
>
>> I installed squid(3.5.20) on CentOS 7 minimal to perform as an ftp-proxy.
>>
>> My configuration file looks like this:
>
>...snip...
>
>> acl SSL_ports port 443 21
On 15.06.17 13:03, Antony Stone wrote:
>Why are you specifying port 21 as SSL?
apparently result of windows settings "enable folder view for FTP sites" that
causes explorer avoid using proxy for ftp:// and connect directly as FTP
client.
maybe IE in this case uses CONNECT tunnels for FTP protocol.
I wonder how would it behave if you enabled SOCKS server.
>"ftp_passive off" should mean that you can't do passive FTP through the Squid
>server, but it won't stop the client application from trying.
>
>You need to tell the client system/s always to use active FTP (which will go
>through Squid) - Squid can't do that for you - it will simply allow or block
>whatever requests come its way.
clients using squid as CONNECT proxy technically can't use PORT mode, since
HTTP does not contain anything like LISTEN.
intercepted FTP connections are something different, although support for
this is relatively new (since 3.5)
there is SOCKS protocol that supports listening required by PORT/EPRT mode,
although most of FTP clients use passive by default
(not sure about windows commandline FTP client - at least in XP is only
supported PORT mode)
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live forever - so far so good.
More information about the squid-users
mailing list