[squid-users] FTP Connect but no LIST

Hi,

I'm currently testing Squid on FreeBSD 5.3 to see if it could replace our
good old MS Proxy 2.0 (and mspclient)

Everything seems to work without problem in web browsers (http and ftp) with
ntlm auth.

But

I'm trying to connect through filezilla and have a strange (for me) result :

Status: Connecting to ftp.abcdef.be ...
Status: Connected with ftp.abcdef.be. Waiting for welcome message...
Response: 220 ftp.abcdef.be NcFTPd Server (licensed copy) ready.
Command: USER xxxxxxxxx
Response: 331 User xxxxxxxxx okay, need password.
Command: PASS ********
Response: 230-You are user #3 of 50 simultaneous users allowed.
Response: 230-
Response: 230 Restricted user logged in.
Command: FEAT
Response: 211-Extensions supported:
Response: CLNT
Response: MDTM
Response: MLST
type*;size*;modify*;UNIX.mode*;UNIX.owner;UNIX.uid;UNIX.group;UNIX.gid;uniqu
e
Response: PASV
Response: REST STREAM
Response: SIZE
Response: TVFS
Response: Compliance Level: 19981201 (IETF mlst-05)
Response: 211 End.
Command: SYST
Response: 215 UNIX Type: L8
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is cwd.
Command: PASV
Response: 227 Entering Passive Mode (213,186,59,46,166,82)
Command: TYPE A
Response: 200 Type okay.
Command: LIST
Error: Proxy request failed, can't connect through proxy server
Error: Transfer channel can't be opened. Reason: An established connection
was aborted by the software in your host machine.
Error: Could not retrieve directory listing

And here is my squid.conf :

# TAG: hierarchy_stoplist
hierarchy_stoplist cgi-bin ?

# TAG: no_cache
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

cache_mem 8 MB

cache_dir ufs /usr/local/squid/cache 100 16 256

auth_param ntlm use_ntlm_negotiate off
auth_param ntlm program /usr/local/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320

external_acl_type nt_group ttl=0 concurrency=5 %LOGIN
/usr/local/libexec/squid/wbinfo_group.pl

#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl ssl port 443 563
acl ftp port 21
acl http_https port 80 443
acl CONNECT method CONNECT
acl web_surfer external nt_group web_surfer
acl ftp_users external nt_group ftp_users
acl denied_url dstdomain "/usr/local/etc/squid/denied_url.txt"
#acl FTP_proto proto FTP

http_access deny denied_url

http_access allow CONNECT ftp
http_access allow CONNECT ssl
http_access deny CONNECT

http_access allow manager localhost
http_access deny manager

http_access allow http_https web_surfer
http_access allow ftp ftp_users
http_access deny all

http_reply_access allow all

icp_access allow all

#always_direct allow FTP_proto
#always_direct deny all

# cache_effective_user squid
cache_effective_user squid
cache_effective_group squid

Thank u in advance for ur advices !

Laurent Brichet
Received on Wed Dec 22 2004 - 01:38:14 MST