RE: [squid-users] Access Lists and FTP

Thankyou kindly, it worked a treat!

-----Original Message-----
From: Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Sent: Monday, 30 August 2010 1:51 PM
To: squid-users_at_squid-cache.org
Subject: Re: [squid-users] Access Lists and FTP

On Mon, 30 Aug 2010 12:28:06 +0930, "Greg Darby"
<greg.darby_at_ramelec.com.au> wrote:
> Hi,
>
> I am running Squid and a business decision was to deny access to FTP
(Port
> 21) hence it is not in the safe port list. We now have a supplier that
> wishes for us to use FTP to download price lists etc however i have
> not been able to get Squid to allow the FTP traffic using ACL's
> without adding
the
> FTP port to the safe list.
>
> What i would like to ask is if there is a way to configure Squid to
allow
> outbound FTP connection to a single destination host only from a range
of
> source IP'sinside our network?

Add it back to the Safe_ports list and add extra ACLs to control where is
accessible to:

acl FTP proto FTP
acl supplier dstdomain example.com

http_access allow FTP supplier
http_access deny FTP

Amos

Disclaimer:
This email and it's attachments are intended for the use of the individual or entity named above and may contain information that is confidential and privileged. If you are not the intended recipient you must not disclose, distribute or reproduce any of it's contents as it may be a breach of confidentiality. Any views expressed in this communication are those of the individual sender, except where the sender specifically states them to be the views of any of the Ramelec Group of companies.The Ramelec Group does not, except by law, represent, warrant and/or guarantee that this electronic communication is free of errors, virus, malicious code, interception or interference and any failure or delay of it's delivery. The Ramelec Group reserves the right to monitor and/or alter the content or attachment of any email at it's discretion.
Received on Mon Aug 30 2010 - 04:57:02 MDT