Re: [squid-users] Re: FTP through squid

From: FredB <fredbmail_at_free.fr>
Date: Thu, 3 May 2012 15:58:17 +0200 (CEST)

Firewall problem with passive/active ? Just try on shell

ftp ftp.free.fr -> with password and login anonymous anonymous

> [02/May/2012:11:44:55 +0200] "GET ftp://ftp.free.fr/ HTTP/1.0" 504
> > 3190 "-" "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101

504 mean Gateway Timeout: The server was acting as a gateway or proxy and did not receive a timely response from the upstream serve

----- Mail original -----
> De: "Hugo Deprez" <hugo.deprez_at_gmail.com>
> À: squid-users_at_squid-cache.org
> Envoyé: Jeudi 3 Mai 2012 15:48:40
> Objet: [squid-users] Re: FTP through squid
>
> Hello,
>
> no one have an idea on this issue ?
>
> Regards
>
>
>
> On 2 May 2012 11:55, Hugo Deprez <hugo.deprez_at_gmail.com> wrote:
> > Dear community,
> >
> > I am setting up a squid proxy but I am not able to allow access to
> > ftp server.
> > I read many explanation on this but I'm a bit lost.
> >
> > So here is my conf :
> >
> >
> > acl SSL_ports port 443 20 21
> > acl Safe_ports port 80          # http
> > acl Safe_ports port 21          # ftp
> > acl Safe_ports port 443         # https
> > acl CONNECT method CONNECT
> >
> > ####### IPOC ACL's
> > acl sub1 src 10.1.1.0/24
> > acl sub2 src 10.1.2.128/25
> > acl ftp proto FTP
> > http_access allow ftp
> > ###### Default access based on defined access lists
> > http_access allow manager localhost
> > http_access deny manager
> > # Deny requests to certain unsafe ports
> > http_access deny !Safe_ports
> > # Deny CONNECT to other than secure SSL ports
> > http_access deny CONNECT !SSL_ports
> > http_access allow sub1
> > http_access allow sub2
> > # Deny all
> > http_access deny all
> >
> > ###### Squid's port
> > http_port 3128
> >
> > ###### Default Squid
> >
> > hierarchy_stoplist cgi-bin ?
> > refresh_pattern ^ftp:           1440    20%     10080
> > refresh_pattern ^gopher:        1440    0%      1440
> > refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
> > refresh_pattern .               0       20%     4320
> >
> > I can see the following log in the access.log :
> >
> >  [02/May/2012:11:44:55 +0200] "GET ftp://ftp.free.fr/ HTTP/1.0" 504
> > 3190 "-" "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101
> > Firefox/12.0" TCP_MISS:DIRECT
> >
> > But I get a squid error message on firefox :
> > The requested URL could not be retrieved
> >
> > What am I missing here ?
> >
> > Regards,
> >
> > Hugo
>
Received on Thu May 03 2012 - 13:58:32 MDT

This archive was generated by hypermail 2.2.0 : Fri May 04 2012 - 12:00:02 MDT