here is my way to use squid for proxy'ing ftp connections:
most of the users use ftp only for downloading files in anonymous login and this work fine w/ browsers.
some users need specific access to some sites for upload, they use FileZilla configured to use HTTP1.1 proxy (that is my squid) in passive mode.
for these sites my squid conf is the following: (SSL_ports is configured as in default)
--snip-- acl lycos_ftp dst 212.78.204.231/32
http_access allow CONNECT lycos_ftp http_access deny CONNECT !SSL_ports --snap--
In this way I'm allowing connect (that could be used for other protocol that I don't want) only to this specific site.
I there a better way to deal w/ it ? (note that I don't want to install a ftp proxy like frox)
Is this way unsecure in any way ?
thanks
--Yedidia
