Re: [squid-users] Re: FTP through squid

Hello,

I am running Debian Squeeze with squid 3.1.6-1.2+squeeze2

with the command line it works :
 $ftp ftp.free.fr
Connected to ftp.proxad.net.
220 Welcome to ProXad FTP server
Name (ftp.free.fr:hugo.deprez): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
lrwxrwxrwx 1 ftp ftp 28 Jun 14 2011 MPlayer ->
mirrors/mplayerhq.hu/MPlayer
drwxr-xr-x 2 ftp ftp 4096 May 07 2008 awstats
drwx------ 2 ftp ftp 16384 Mar 08 2006 lost+found
drwxr-xr-x 3 ftp ftp 4096 Jan 04 11:44 mirrors
drwxr-xr-x 2 ftp ftp 4096 Dec 24 2008 nzb
drwxr-xr-x 10 ftp ftp 4096 Nov 23 2009 pub
drwxr-xr-x 2 ftp ftp 81920 May 03 22:30 stats
drwxr-xr-x 2 ftp ftp 4096 May 04 09:35 tmp
226 Directory send OK.

I do have this error for all ftp server I try with ftp.mozilla.org

Any idea ?

On 4 May 2012 06:16, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> Continuing the top-posting trend...
>
> free.fr is an IPv6-enabled network. Which means Squid version and your OS
> type is now quite important when debugging.
>
> Amos
>
>
> On 4/05/2012 1:58 a.m., FredB wrote:
>>
>> Firewall problem with passive/active ? Just try on shell
>>
>> ftp ftp.free.fr ->  with password and login anonymous anonymous
>>
>>>  [02/May/2012:11:44:55 +0200] "GET ftp://ftp.free.fr/ HTTP/1.0" 504
>>>>
>>>> 3190 "-" "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101
>>
>> 504 mean Gateway Timeout: The server was acting as a gateway or proxy and
>> did not receive a timely response from the upstream serve
>>
>> ----- Mail original -----
>>>
>>> De: "Hugo Deprez"
>>>
>>> Hello,
>>>
>>> no one have an idea on this issue ?
>>>
>>> Regards
>>>
>>>
>>>
>>> On 2 May 2012 11:55, Hugo Deprez wrote:
>>>>
>>>> Dear community,
>>>>
>>>> I am setting up a squid proxy but I am not able to allow access to
>>>> ftp server.
>>>> I read many explanation on this but I'm a bit lost.
>>>>
>>>> So here is my conf :
>>>>
>>>>
>>>> acl SSL_ports port 443 20 21
>>>> acl Safe_ports port 80          # http
>>>> acl Safe_ports port 21          # ftp
>>>> acl Safe_ports port 443         # https
>>>> acl CONNECT method CONNECT
>>>>
>>>> ####### IPOC ACL's
>>>> acl sub1 src 10.1.1.0/24
>>>> acl sub2 src 10.1.2.128/25
>>>> acl ftp proto FTP
>>>> http_access allow ftp
>>>> ###### Default access based on defined access lists
>>>> http_access allow manager localhost
>>>> http_access deny manager
>>>> # Deny requests to certain unsafe ports
>>>> http_access deny !Safe_ports
>>>> # Deny CONNECT to other than secure SSL ports
>>>> http_access deny CONNECT !SSL_ports
>>>> http_access allow sub1
>>>> http_access allow sub2
>>>> # Deny all
>>>> http_access deny all
>>>>
>>>> ###### Squid's port
>>>> http_port 3128
>>>>
>>>> ###### Default Squid
>>>>
>>>> hierarchy_stoplist cgi-bin ?
>>>> refresh_pattern ^ftp:           1440    20%     10080
>>>> refresh_pattern ^gopher:        1440    0%      1440
>>>> refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
>>>> refresh_pattern .               0       20%     4320
>>>>
>>>> I can see the following log in the access.log :
>>>>
>>>>  [02/May/2012:11:44:55 +0200] "GET ftp://ftp.free.fr/ HTTP/1.0" 504
>>>> 3190 "-" "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101
>>>> Firefox/12.0" TCP_MISS:DIRECT
>>>>
>>>> But I get a squid error message on firefox :
>>>> The requested URL could not be retrieved
>>>>
>>>> What am I missing here ?
>>>>
>>>> Regards,
>>>>
>>>> Hugo
>
>
Received on Fri May 04 2012 - 09:58:07 MDT