LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-28-2009, 05:21 AM   #1
ajayan
Member
 
Registered: Dec 2007
Posts: 89

Rep: Reputation: 16
FTP Communication through squid


Dear all,
I have configured a proxy server on my Linux Machine (Redhat 5).Every thing is working except ftp.My local clients are Windows XP and the tool we are using is WS_FTP Professional.Other Service are working properly http,https etc.But i can connect properly from the squid machine to the remote FTP Server but not from our windows clients.My Squid configuration file is posted below.

http_port 3128
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl ftp proto FTP

acl our_networks src 91.0.0.0/24
http_access allow our_networks

# And finally deny all other access to this proxy
http_access allow localhost
always_direct allow ftp
http_access deny all

Any help will be appreciated.
 
Old 05-28-2009, 05:32 AM   #2
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Is the squid configured to work as transparent squid? If not then it might be required for you to configure your FTP client software to go through proxy explicitly. There could be some option to specify proxy settings somewhere.
 
Old 05-28-2009, 08:29 AM   #3
nuwen52
Member
 
Registered: Feb 2009
Distribution: Debian, CentOS 5, Gentoo, FreeBSD, Fedora, Mint, Slackware64
Posts: 208

Rep: Reputation: 46
Could be wrong about this, but I don't think that squid can act as a transparent FTP proxy. If I'm wrong about this, let me know cause it would be a big help to me also.
 
Old 05-28-2009, 10:29 AM   #4
ajayan
Member
 
Registered: Dec 2007
Posts: 89

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by linuxlover.chaitanya View Post
Is the squid configured to work as transparent squid? If not then it might be required for you to configure your FTP client software to go through proxy explicitly. There could be some option to specify proxy settings somewhere.
ThankYou For Suggession.But actually this proxy is not configured as a transparent one.Also i made all the settings in the FTP client to go through Squid.Any other Suggestion
 
Old 05-28-2009, 08:49 PM   #5
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
Try adding logging to the iptables on the proxy and check the ftp clients are connecting properly, and/or check the squid log.
 
Old 06-03-2009, 01:34 AM   #6
ajayan
Member
 
Registered: Dec 2007
Posts: 89

Original Poster
Rep: Reputation: 16
Quote:
Originally Posted by chrism01 View Post
Try adding logging to the iptables on the proxy and check the ftp clients are connecting properly, and/or check the squid log.
Sorry I can't follow You. What i can do in iptables.
 
Old 06-03-2009, 10:05 PM   #7
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
On the proxy machine,

# LOG, then DROP everything (last 2 lines in iptables)
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP

on the input side (LAN). Usually logs to /var/log/messages. Should show if ftp attempts are even getting that far.
Once you've fixed that, you can add same rules to the output chain to see if the requests make it out to the internet.
Similarly on the rtn pkts from the internet.
iptables logging allows you to see exactly how far your pkt gets, and what the problem was, if any.


If you want a different logfile used: http://www.cyberciti.biz/tips/force-...-log-file.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid + FTP james321 Linux - Server 1 10-28-2008 10:09 AM
Fault in KDE processes communication: Could not read network communication list Magnus Johansson MEPIS 0 03-30-2008 01:50 PM
ftp through squid balajimunde Linux - Server 1 10-03-2007 03:21 PM
Access authenticating FTP sites using FTP Clients on XP clients via SQUID munirg2003 Linux - Networking 2 06-12-2007 11:58 PM
shell script to check ftp communication yuva_mca Linux - General 2 12-01-2005 08:15 AM


All times are GMT -5. The time now is 08:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration