Quid won't proxy the ftp connections - it only does ftp over http. It is not a true ftp proxy. What you need is a true ftp proxy. THis means you can tranparently redirect incoming ftp connections to the internal ftp server, or use the proxy options in all good ftp clients for outgoing proxyed ftp connections. I have tried nearly all of the ones out there. Search around for ftp proxys. Joe's ftp gateway didn't work so great, the one by Suse seemed to be ok. You can get sources by searching for proxy-suite on the suse site. These are still are work in progress atm tho. I found much of the code in the four or so programs i tried was not fully done. So best of luck. We did manage to get the suse one to work tho. Even got it compiled on an old freebsd box. - after some hacking i think tho. neway, ftp proxy is what you need. Go to google search for linux ftp proxy :) gl, dave > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Stephen Graham > Sent: Tuesday, 5 September 2000 9:28 PM > To: [EMAIL PROTECTED] > Subject: [SLUG] Forwarding FTP connections to an internal server > (continued) > > > Hey > > I just thought I would report the (quite unfortunate) results of > my attempts > so far (on Debian GNU/Linux 2.2, the firewall machine is also ip > masquerading (successfully) some internal hosts for web, outbound FTP > etc)... > > I tried simply forwarding port 21 to the internal FTP server, but > this does > not work since the outbound packets get lost. > > This is the same as what happens when I try to use an FTP > redirection client > or any port forwarding (or autofw) strategies I have thusfar encountered. > > Unfortunately, Fred Vile's patch (to allow inbound FTP) is only > for the 2.0 > kernel. I found a similar patch for the 2.2 kernel, but it > apparently does > not work as it also seems to loose the outbound data packets > (specifically, > the client can send the 200 (PORT) command fine, but then it > hangs, and when > I send ^C to the client it just says (421, connection closed by host)). > > The IP Masq HOWTO (which is great for most things) simply says that it can > not be done, but that the new NetFilter may take care of this. > > Does anyone have experience with NetFilter? (Esp retro-fitting it > onto a 2.2 > firewall) > > Also, it was suggested by a friend that I use squid to proxy the FTP > connections. Does anyone have experience with this option (or > even know if > it is possible!) > > Thanks > > Stephen > > -- > If it weren't for the last minute, nothing would ever get done. > > > > > -- > SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ > More Info: http://slug.org.au/lists/listinfo/slug > -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
