Re: [squid-users] ftp w/ FileZilla and squid

From: Yedidia Klein <yedidia@dont-contact.us>
Date: Thu, 13 May 2004 13:58:57 +0300

Pham Mai Quan wrote:

>
>
>Did u see default squid.conf ??
>
>acl Safe_ports port 21
>http_access deny !Safe_ports
>http_access deny CONNECT
>
>This will be allow all connection through squid to port 21 (FTP Request)
>
>
>
this won't help for ftp PUT,
that connect to high ports.

--Yedidia

>
>
>-----Original Message-----
>From: Yedidia Klein [mailto:yedidia@jct.ac.il]
>Sent: Thursday, May 13, 2004 2:08 PM
>To: squid-users@squid-cache.org
>Subject: [squid-users] ftp w/ FileZilla and squid
>
>Hello,
>
>here is my way to use squid for proxy'ing ftp connections:
>most of the users use ftp only for downloading files in anonymous login and
>this work fine w/ browsers.
>some users need specific access to some sites for upload, they use FileZilla
>configured to use HTTP1.1 proxy (that is my squid) in passive mode.
>for these sites my squid conf is the following: (SSL_ports is configured as
>in default)
>
>--snip--
>acl lycos_ftp dst 212.78.204.231/32
>
>http_access allow CONNECT lycos_ftp
>http_access deny CONNECT !SSL_ports
>--snap--
>
>In this way I'm allowing connect (that could be used for other protocol that
>I don't want) only to this specific site.
>
>I there a better way to deal w/ it ? (note that I don't want to install a
>ftp proxy like frox) Is this way unsecure in any way ?
>
>thanks
>
>--Yedidia
>
>
Received on Thu May 13 2004 - 05:00:41 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT