[squid-users] FTP proxy
Andrea Venturoli
ml at netfence.it
Tue Dec 8 07:50:12 UTC 2020
On 12/7/20 4:08 PM, Alex Rousskov wrote:
> On 12/7/20 5:03 AM, Andrea Venturoli wrote:
>
>> I'm talking about the ports used by the clients to conect to Squid
>> (besides 21), using passive FTP (i.e. those returned by PASV command).
>
> Just to avoid misunderstanding, "those returned by PASV command" should
> be interpreted as "ports returned by Squid to the client in response to
> the client PASV command". The PASV command itself does not list ports.
Yes, that's what I meant.
Thanks for clarifying.
> When handling a PASV command, Squid creates a listening socket bound to
> an ephemeral TCP port selected by the operating system. Ephemeral port
> ranges are usually handled by your OS ephemeral ports setting (e.g.,
> sysctl net.ipv4.ip_local_port_range).
For the record, since I'm not using Linux, but FreeBSD, I guess that
would be net.inet.ip.portrange.first/net.inet.ip.portrange.last (or,
possibly, net.inet.ip.portrange.hifirst/net.inet.ip.portrange.hilast,
I'd have to check the source).
However those are system wide settings; I guess there is no equivalent
of frox.conf's "PassivePorts" settings, then.
Thanks.
More information about the squid-users
mailing list