[squid-users] RV: squid
javier perez
javier.perez at accelya.com
Fri Jun 16 06:42:52 UTC 2017
Hi Alex,
I totally understand it, and I know that active ftp is being deprecated, so
It's logic that no further development It's gonna take place.
I'm happy with Squid, and it works perfectly on 99% of my clients but two.
Thank you for your time.
Regards.
On 06/15/2017 09:55 AM, Matus UHLAR - fantomas wrote:
>> ftp://ftp.fu-berlin.de/unix/www/squid/archive/3.5/squid-3.5.0.1-RELEA
>> SENOTES.html " Active and passive FTP support on the user-facing
>> side; require passive connections to come from the control connection
>> source IP address."
> that means, if you open FTP control connection to squid, the passive
> data connection to it must come from the same IP as control connection.
IIRC, the above interpretation is the right one:
* We support both active and passive FTP between an FTP client (a.k.a.
user) and Squid.
* When an FTP client is using passive mode, the data connection must come
from the same IP as the control connection. This restriction blocks attacks
that steal data connection of legitimate FTP users.
AFAIK, there are currently no plans (or even strong demand) to support
active FTP mode between Squid and FTP origin servers.
Alex.
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list