Re: [squid-users] Setting Squid to allow active FTP connections from Kirtimaan on 2008-03-13 (squid-users)

From: Kirtimaan <kirtimaan.mg@dont-contact.us>
Date: Thu, 13 Mar 2008 18:31:31 +0530

Hello Norman,

Right now I am away from that system. I will be able to post the
squid.conf file after 25th of this month.

Thanks, Kirtimaan

Norman Noah wrote:
> Hello Kirtimaan,
>
> can u show ur squid.conf cause i'm still having problem accesing ftp
> through squid.
>
> On Mon, Feb 25, 2008 at 12:05 PM, Kirtimaan <kirtimaan.mg@gmail.com
> <mailto:kirtimaan.mg@gmail.com>> wrote:
>
> Hello Amos,
>
> Thanks for your reply, I tried the command which Shishir suggested and
> it worked.
>
> Thanks, Kirtimaan
>
> Amos Jeffries wrote:
> > Kirtimaan wrote:
> >> Hello,
> >>
> >> Recently I installed the Squid Proxy server in our network on Fedora
> >> Core 7 linux box. Other windows system use this linux box as their
> >> Internet Gateway and DNS server. All traffic on port 80 on
> fedora system
> >> is forwarded to Squid port 3128.
> >>
> >> Our FTP server does not support passive connections. Now when we
> connect
> >> to our ftp server, ftp client fails to connect with message :
> >>
> >>> Entering Passive Mode
> >
> > PASV mode was attempted by the client.
> >
> >>> Illegal PORT command
> >
> > ... it failed. Squid attempted a PORT.
> > ... that failed too and FTP-server said "Illegal PORT command".
> >
> >
> > I'd suggest first fixing the connectivity into your FTP server.
> It's not
> > accepting ANY inbound requests from squid.
> >
> >>
> >> As a FTP client, Total Commander 7.02a is being used in our network.
> >>
> >> Is there any option in squid to use active connection instead of
> passive
> >> connection. In squid.conf file, I turned off ftp_passive option.
> So now
> >> setting looks as
> >>
> >>
> >> # TAG: ftp_passive
> >> # If your firewall does not allow Squid to use passive
> >> # connections, turn off this option.
> >> #
> >> #Default:
> >> # ftp_passive on
> >> ftp_passive off
> >>
> >> But still facing same problem.
> >
> > Naturally with PORT (non-passive) failing, forcing it as the only
> > connect method will also fail.
> >
> > Like Shashir Saud suggested:
> > try "modprobe ip_nat_ftp"
> >
> >
> > Amos
>
>
Received on Thu Mar 13 2008 - 07:01:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:05 MDT