02-May-02 at 14:29, John Paul Szkudlapski (johns@bsfc.ac.uk) wrote :
> Hi Simon
>
> I was just wondering if you know of any docs on how to allow ftp through a
> squid server.... I am changing one of our public ip address machines into a
> local IP range, and figured out that I can't get to any FTP sites
> anymore....
>
> I only want to allow the following through our proxy server : -
>
> acl webadmin 192.168.2.2/255.255.255.255
> acl technician1 192.168.2.3/255.255.255.255
> acl technician2 192.168.2.4/255.255.255.255
> acl technician3 192.168.2.5/255.255.255.255
>
> and deny everyone else.. I have a similar ruleset that deny's everyone to
> download filetypes (.exe, etc) except for the above ip addresses
>
> Can you help ?
Hello,
Well since I'm a UK expat, and know Birkenhead quite well, I will get back
to you. Usually this sort of question should go to the list.
FTP can be sent through Squid, although Squid is an HTTP proxy. It
converts FTP to HTTP pages and the downloads are via HTTP from client <->
squid.
Your browser has to support FTP via proxy, and authentication can be
strange. What are you getting in your access.log when you try to FTP
somewhere? It will, by default, try squid@ftp.host.co.uk for example. If
you need to authenticate, or be anonymous, try:-
ftp://anonymous:john%40doe.com@ftp.host.co.uk/
Also, make sure Squid can get through port 21 on the firewall, and that
passive is turned on (is by default) - search for passive in squid.conf.
Regards,
-- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863Received on Thu May 02 2002 - 08:45:40 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:52 MST