Re: [squid-users] RE: 2.4STABLE1 & authentication & FTP - BUG

From: Robert Collins <robert.collins@dont-contact.us>
Date: 14 Aug 2001 21:43:00 +1000

On 13 Aug 2001 11:35:14 +1000, Robert Collins wrote:
> On 13 Aug 2001 11:30:17 +1000, Ken Thomson wrote:
> > I just deleted all but 2 http_access allow lines.
> >
> > The only allow lines I have now are :
> > http_access allow manager localhost
> > http_access allow password
> >
> > The ACLs for these 2 are:
> > acl manager proto cache_object
> > acl localhost src 127.0.0.1/255.255.255.255
> > acl password proxy_auth REQUIRED
> >
> > The search exception lines I deleted only contained very specific words,
> > which would be unlikely to occur in many FTP URLs (eg. acl noporn3 url_regex
> > -i ethicsexam). Whereas it was allowing access to all FTP URLs which I
> > tried (and I did pick ones which wouldn't have had the search exceptions).
> >
> > It is still rendering the FTP directories before asking for authentication
> > even after the http_access allows have been deleted.
> >
> > Interesting.
> >
> > The only other possibility is we do patch our version of squid with
> > SmartFilter from Secure Computing (v3 for squid 2.4s1). Maybe its patch is
> > making the difference.
>
> I'll cross check tonight (in about 6 hours) this for you. Sounds like
> Smartfilter to me though. Shame it's not open source or we could offer
> to fix it :].
>
> Rob

Hmm. Well 1 day 6 hours - confirmed. Squid asks for authentication
before returning any ftp data.

Rob
Received on Tue Aug 14 2001 - 05:43:08 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:37 MST