Kirtimaan wrote:
> Hello,
>
> Recently I installed the Squid Proxy server in our network on Fedora
> Core 7 linux box. Other windows system use this linux box as their
> Internet Gateway and DNS server. All traffic on port 80 on fedora system
> is forwarded to Squid port 3128.
>
> Our FTP server does not support passive connections. Now when we connect
> to our ftp server, ftp client fails to connect with message :
>
>> Entering Passive Mode
PASV mode was attempted by the client.
>> Illegal PORT command
... it failed. Squid attempted a PORT.
... that failed too and FTP-server said "Illegal PORT command".
I'd suggest first fixing the connectivity into your FTP server. It's not
accepting ANY inbound requests from squid.
>
> As a FTP client, Total Commander 7.02a is being used in our network.
>
> Is there any option in squid to use active connection instead of passive
> connection. In squid.conf file, I turned off ftp_passive option. So now
> setting looks as
>
>
> # TAG: ftp_passive
> # If your firewall does not allow Squid to use passive
> # connections, turn off this option.
> #
> #Default:
> # ftp_passive on
> ftp_passive off
>
> But still facing same problem.
Naturally with PORT (non-passive) failing, forcing it as the only
connect method will also fail.
Like Shashir Saud suggested:
try "modprobe ip_nat_ftp"
Amos
-- Please use Squid 2.6STABLE17+ or 3.0STABLE1+ There are serious security advisories out on all earlier releases.Received on Sun Feb 24 2008 - 06:12:16 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST