<html><body><div>Hello Garri,</div><div>client FTP - Total Commander (I test WinSCP, FileZilla with same result - after 15 min connection interrupted) with proxy server - proxy server HTTP with FTP support:</div><div>part of squid.conf:</div><div>***************************************************************************************</div><div>acl SSL_ports port 21<br>acl SSL_ports port 1024-65535</div><div>acl SSL_ports port 443<br>acl SSL_ports port 8443<br>acl SSL_ports port 6400</div><div>acl Safe_ports port 80 # http<br>acl Safe_ports port 21 # ftp<br>acl Safe_ports port 443 # https<br>acl Safe_ports port 70 # gopher<br>acl Safe_ports port 210 # wais<br>acl Safe_ports port 1025-65535 # unregistered ports<br>acl Safe_ports port 280 # http-mgmt<br>acl Safe_ports port 488 # gss-http<br>acl Safe_ports port 591 # filemaker<br>acl Safe_ports port 777 # multiling http<br></div><div>acl CONNECT method CONNECT</div><div>acl FTP proto FTP<br>always_direct allow FTP</div><div><br>http_access deny !Safe_ports</div><div># Deny CONNECT to other than secure SSL ports<br>http_access deny CONNECT !SSL_ports</div><div># Only allow cachemgr access from localhost<br>http_access allow localhost manager<br>http_access deny manager</div><div><br></div><div>###############<br># http_access deny localnet !bandwidth_auth<br>###############</div><div>http_access allow localhost</div><div><br></div><div># And finally deny all other access to this proxy<br>http_access deny all</div><div># Squid normally listens to port 3128<br>#http_port 3128 transparent<br>http_port 3128</div><div>ftp_port 21</div><div># Uncomment and adjust the following to add a disk cache directory.<br>#cache_dir ufs /var/log/squid/cache 100 16 256</div><div># Leave coredumps in the first cache dir<br>coredump_dir /var/log/squid/cache</div><div>#<br># Add any of your own refresh_pattern entries above these.<br>#<br>refresh_pattern ^ftp: 1440 20% 10080<br>refresh_pattern ^gopher: 1440 0% 1440<br>refresh_pattern -i (/cgi-bin/|\?) 0 0% 0<br>refresh_pattern . 0 20% 4320</div><div>logfile_rotate 2 </div><div>*************************************************************************</div><div>When I add ftp_port 21 in squid.conf and proxy.reload I get this message:</div><div>/etc/squid/squid.conf:129 unrecognized: 'ftp_port'</div><div>I found this: http://www.squid-cache.org/Doc/config/ftp_port/</div><div>Our version is Squid Cache ver. 3.3.8</div><div><br></div><div><br></div><div>Thank You</div><div>Ludek</div><div><br></div><div><br></div><p>---------- Původní zpráva ----------<br>Od: Garri Djavadyan <garryd@comnet.uz><br>Komu: squid-users@lists.squid-cache.org<br>Datum: 22. 11. 2016 19:18:35<br>Předmět: Re: [squid-users] FTP interrupted</p><br><blockquote>On 2016-11-22 22:24, Garri Djavadyan wrote:<br>> On 2016-11-22 17:05, ludek_coufal wrote:<br>>> Hello,<br>>> Squid Cache ver. 3.3.8 on CentOs Linux 7.2.1511<br>>> <br>>> FTP connection from local net over linux server CentOs firewall with<br>>> Squid proxy to internet FTP server is interrupted every 15 min (900<br>>> sec).<br>>> Large file upload is interrupted.<br>>> Direct connection without Squid proxy work OK.<br>> <br>> Hi,<br>> <br>> The issue may occur, if FTP client uses CONNECT method to connect to<br>> remote FTP servers. You can find details in the following thread:<br>> <br>> http://www.squid-cache.org/mail-archive/squid-users/200609/0111.html<br><br>If your FTP client connects to Squid's http_port then it uses CONNECT <br>method. To solve the problem try to use ftp_port and disable proxy <br>settings on FTP client.<br>For example:<br><br>1. Configure ftp_port.<br># diff etc/squid.conf.default etc/squid.conf<br>59a60<br>> ftp_port 21<br><br>2. Connect from FTP client, where:<br>${squid_ip} - Squid's IP address<br>${squid_ftp_port} - configured ftp_port<br>${username} - username on remote FTP server<br>${ftp_server} - remote FTP server name/IP<br>${password} - password for remote FTP server<br><br>$ ftp ${squid_ip} ${squid_ftp_port}<br>Connected to localhost.localdomain.<br>220 Service ready<br>Name (localhost:garry): ${username}@${ftp_server}<br>530 Must login first<br>530 Must login first<br>SSL not available<br>331 Please specify the password.<br>Password: ${password}<br>230 Login successful.<br>Remote system type is UNIX.<br>Using binary mode to transfer files.<br>ftp><br><br><br>Garri<br>_______________________________________________<br>squid-users mailing list<br>squid-users@lists.squid-cache.org<br>http://lists.squid-cache.org/listinfo/squid-users</blockquote></body></html>