Re: ipchains / squid / ftp

To: debian-firewall@lists.debian.org
Subject: Re: ipchains / squid / ftp
From: "Marco Antonio" <marcoantonio@london.com>
Date: Thu, 01 Aug 2002 15:32:26 -0500
Message-id: <[🔎] 20020801203226.67499.qmail@mail.com>

My squid.conf has lines like this:

acl Safe_ports port 80 21 20 443 563 70 210 1025-65535
http_access deny !Safe_ports

So I think its not the case. But there is something else that I noticed: if I use a 'complete' url like ftp://host.com/folder/file.ext it works, and the download happens. But if my url ends in the folder, for a listing of its contents, it doesn't work.

----- Original Message -----
From: Henrique Pedroni Neto <henrique@ital.org.br>
Date: Thu, 1 Aug 2002 17:02:24 -0300
To: debian-firewall@lists.debian.org
Subject: Re: ipchains / squid / ftp


> Hi Marco,
> 
> You open the ports 20 ans 21 in the squid.conf
> at:
>        
> acl Safe_ports port 20          
> acl Safe_ports port 21          
> 
> http_access deny !Safe_ports
> 
> ?
> 
> Bye,
> Henrique
> 
> > Hi all,
> > 
> > Our firewall here is using debian 3.0 upgraded from potato, with kernel 2.2.19 and ipchains 1.3.10-15, and is configured to use masquerade.
> > 
> > Behind this firewall, there is another debian 3.0 machine with kernel 2.2.19 running squid recently upgraded to version 2.4.6-2. Every machine in our network has to be configured to use this proxy for accessing the internet.
> > 
> > Our problem, that lasts for a long time, since potato days, is that we can't access most external ftp sites through squid even using passive mode. When some machine has to access this kind of ftp server, the only way is to open the firewall for that machine access the site without passing through the squid proxy. One example of such ftp site is ftp://ftp.horde.org/pub/imp/ 
> > and ftp://ftp.microsoft.com  :)
> > 
> > Any help?
> > Thanks in advance.
> 
> -- 
> Henrique Pedroni Neto
> Administrador de Rede - ITAL (http://www.ital.org.br)
> E-mail: henrique@ital.org.br
> UIN: 8146255
> Dúvidas sobre Debian? Visite o Rau-Tu: http://rautu.cipsga.org.br
> 

-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Get 4 DVDs for $.49 cents! plus shipping & processing. Click to join. 
http://adfarm.mediaplex.com/ad/ck/990-1736-3566-59

Reply to:

Prev by Date: Re: ipchains / squid / ftp
Next by Date: iptables script review request
Previous by thread: Re: ipchains / squid / ftp
Next by thread: iptables script review request
Index(es):
- Date
- Thread