[squid-users] Proxy hierarchy and FTP access
Amos Jeffries
squid3 at treenet.co.nz
Wed Feb 28 12:28:57 UTC 2018
On 28/02/18 23:58, Grey wrote:
> Thanks for the replies guys!
> I'm sorry Jascha but the suggestions you got in your thead went kind of over
> my head, can I ask you if and how you "do allow the front-end Squid to
> re-FTP the traffic to the appropriate server then intercept it independently
> into the backend with its own ftp_port accepting the "native FTP" coming out
> of the frontend"?
With the ftp_port feature the client essentially thinks it is talking to
an FTP server.
The point of the idea was to have your frontend Squid thinking its
talking to the origin, when actually its connections are being sent to
the backend Squid.
Much like most NAT systems do for FTP already.
> If that's a "technically possible only" suggestion, I guess my only
> alternative is to let my FileZilla client connect directly to my DMZ Squid
> machine and do the ACL stuff there, right?
The suggestion was "technically possibly only" at the time simply
because it was an idea I had. Nobody has actually tried do it and
reported the results AFAIK.
Amos
More information about the squid-users
mailing list