[squid-users] Send FileZilla FTP traffic through ICAP server

From: Dave <dave_at_thinkwelldesigns.com>
Date: Wed, 24 Apr 2013 21:05:10 -0400

Good evening everyone,

Using Squid 3.3.3 on Centos 6.4. I need to be able to send FTP client
traffic through an ICAP server for Data Loss Prevention (DLP) purposes.

I have the following ACLs defined in squid.conf

*******************************************************
acl ftp proto FTP
acl ftp_port port 20 21

http_access allow ftp_port connect
http_access allow ftp
*******************************************************

However, when I attempt to connect to my FTP server via FileZilla, I get the
following squid log:

*******************************************************
366851550.677 396 192.168.137.1 NONE/200 0 CONNECT
ftp.thinkwelldesigns.com:21 - HIER_DIRECT/208.106.209.235 -
*******************************************************

For its part, FileZilla reports:
*******************************************************
Status: Connecting to ftp.thinkwelldesigns.com through proxy
Status: Connecting to 192.168.137.128:3128...
Status: Connection with proxy established, performing handshake...
Response: Proxy reply: HTTP/1.1 200 Connection established
Status: Connection established, waiting for welcome message...
Error: Connection timed out
Error: Could not connect to server
*******************************************************

It seems I'm almost there, but not quite. Any help for me?

Thanks,

Dave
Received on Thu Apr 25 2013 - 01:05:14 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 25 2013 - 12:00:07 MDT