Re: [squid-dev] [PATCH] Native FTP relay for active FTP

[Alex]

 

 

14.02.2017, 21:50, "Alex Rousskov" <rouss...@measurement-factory.com>:

When I am talking about the forwarding case, I am talking about a simple
configuration without any redirection or other TCP/IP level tricks or
even reverse proxing of any sort: The FTP client sends FTP requests
directly to Squid's ftp_port (specifying the ultimate destination using
an extra @ sign). IIRC, that used to work with popular proxy-aware FTP
clients when we added the ftp_port code.

In that simple case, some FTP client refuse to accept the FTP data
connection from Squid unless that data connection comes from the same
source IP address as the destination address of the corresponding FTP
control connection. The old "Use local IP..." code/comment were added to
make such clients happy (the changes in [trunk] revision 12742.1.41 are
pretty telling, especially in the light of your changes).

 

Just tried the following setup with squid running on localhost:21:

 

[alg@centos64x64 ~]$ ftp 127.0.0.1

Connected to 127.0.0.1 (127.0.0.1).

220 Service ready

Name (127.0.0.1:alg): anonymous@172.17.10.30

331 Anonymous access allowed, send identity (e-mail name) as password.

Password:

230 User logged in.

Remote system type is Windows_NT.

ftp> passive

Passive mode off.

ftp> ls

200 PORT successfully converted to PASV.

125 Data connection already open; Transfer starting.

...

 

I have also tried to connect from my Windows machine to itself via squid on a different machine with FileZilla client (proxy server was specified in settings) - works like a charm.

 

It seems that the patch doesn't make things worse (if I understood you correctly).

_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev