Re: [squid-users] FTP over squid

Hi,
Thanks for everyone's help. I am grateful to all of
you. But, can anyone explain why do the documentation
of squid speak about ftp. PLease refere to my
following comments taken from squid documentation.

Tag Name
always_direct
Usage
always_direct allow|deny [!]aclname ...

Description
Here you can use ACL elements to specify requests,
which should ALWAYS be forwarded directly to origin
servers. This is mostly used while using cache_peer.
See also never_direct . For Further reference on
always_direct, please click here.
Default
always_direct is by default deny.

Example
For example, to always directly forward requests for
local servers use something like:
acl local-servers dstdomain .my.domain.net
always_direct allow local-servers

To always forward FTP requests directly, use
acl FTP proto FTP
always_direct allow FTP

Example for denying specific domain
acl local-external dstdomain .external.foo.net
acl local-servers dstdomain .foo.net
always_direct deny local-external
always_direct allow local-servers

Caution
There is a similar, but opposite option named '
never_direct'. You need to be aware that
"always_direct deny foo" is NOT the same thing as
"never_direct allow foo". You may need to use a deny
rule to exclude a more-specific case of some other
rule.

AND ALSO SEE THIS

Support for external functions
Tag Name
ftp_user
Usage
ftp_user username

Description
This tag can be used if you want the anonymous login
password to be more informative. You can set this to
something reasonable for your domain, like
squid@squid.visolve.com. The reason why this is domain
less by default is that the request can be made on the
behalf of a user in any domain, depending on how the
cache is used. Some ftp servers also validate the
email address. For detailed explanation Click Here
Default
ftp_user Squid@

Example
ftp_user squid@squid.visolve.com

 
Tag Name
ftp_list_width
Usage
ftp_list_width number

Description
This tag is used to set the width of ftp listings.
This should be set to fit in the width of a standard
browser. Setting this too small can cut off long
filenames when browsing ftp sites.
Default
ftp_list_width 32

Example
ftp_list_width 64

 
Tag Name
ftp_passive
Usage
ftp_passive on|off

Description
If your firewall does not allow Squid to use passive
connections, then turn off this option.
Default
ftp_passive on

Please comment.

REgards
Abdul Khader

--- Henrik Nordstrom <hno@squid-cache.org> wrote:
> fre 2003-09-12 klockan 12.30 skrev oleg-s:
> > On Fri, 12 Sep 2003 02:25:52 -0700 (PDT)
> > Abdul Khader <abdulkhader7862003@yahoo.com> wrote:
> >
> > > Hi,
> > > I am a newbi to squid. I would like to know if I
> can
> > > do ftp over squid. By default it does not do
> ftp. I
> > > would be obliged of any early help.
> >
> > check your Safe_ports acl and see if port 20 (ftp
> data) among them.
>
> Not relevant. Squid is NOT a FTP proxy and there
> will never be a request
> for port 20 via Squid. (or at least there never
> should be a request for
> port 20, if there is it almost certainly is a hacker
> doing something
> nasty)
>
> The FTP server may make use of port 20 at the FTP
> server when a HTTP
> client have requested a ftp:// object via Squid but
> this is a completely
> different question and not even a requirement by the
> FTP protocol.
>
> Squid IS NOT a FTP proxy. Squid is a HTTP proxy.
> HTTP proxies can
> operate on ftp:// URLs when requested to do so by
> HTTP clients, but HTTP
> proxies are NOT FTP proxies.
>
>
> The main difference between what is a HTTP proxy and
> what is a FTP proxy
> (apart from quite different functionality) is in
> what protocol is used
> between the client and the proxy. In case of a HTTP
> proxy the HTTP
> protocol is used between the client and the proxy
> and the client can ask
> the proxy via HTTP to operate on basically any kind
> of URL but with the
> semantics of the HTTP protocol.
>
> In case of FTP proxies the client talks FTP to the
> proxy using any of
> the FTP proxy models (user@host etc), and the proxy
> can normally only
> operate on FTP objects with the semantics of the FTP
> protocol.
>
> If you need a FTP proxy then use a FTP proxy such as
> frox. Squid is NOT
> a FTP proxy. Squid is a HTTP proxy. In the same
> manner frox is NOT a
> HTTP proxy, frox is a FTP proxy. If you need both
> proxy types then run
> both software on the same server (or different
> servers, your choice).
>
> Regards
> Henrik
>
>
> --
> Donations welcome if you consider my Free Squid
> support helpful.
>
https://www.paypal.com/xclick/business=hno%40squid-cache.org
>
> Please consult the Squid FAQ and other available
> documentation before
> asking Squid questions, and use the squid-users
> mailing-list when no
> answer can be found. Private support questions is
> only answered
> for a fee or as part of a commercial Squid support
> contract.
>
> If you need commercial Squid support or cost
> effective Squid and
> firewall appliances please refer to MARA Systems AB,
> Sweden
> http://www.marasystems.com/, info@marasystems.com
>

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
Received on Fri Sep 12 2003 - 06:25:25 MDT