Squid is unable to use ftp on the client side, that is a lot of ftp-clients can not be used with squid.
Squid connects to ftp-Server Port 21 (control), Server tells the client a Hiport. Squid connects this Port for Data. (PASV) If you are inside a firewall you are most certainly using PASV. (Dont know if this is the squid default). File is delivered to browser via http.
Regards, Hendrik
Lizzy Dizzy wrote:
Thanks!
I saw an entry inside access log that looks like:
GET ftp://site/path HTTP/1.X......
So does the user brower actually sends the request to port 80 or port 21?
Thanks
From: Hendrik Voigtl�nder <[EMAIL PROTECTED]> To: Lizzy Dizzy <[EMAIL PROTECTED]> CC: [EMAIL PROTECTED] Subject: Re: [squid-users] Possible squid exploit? Date: Thu, 13 May 2004 21:38:35 +0200
ftp pasv (passive mode) uses hiport-hiport connections.
Lizzy Dizzy wrote:
Hi everyone!
I have a network setup such that my router will only throw dest port 80 &
8080 traffic (Transparent proxy) to my squid server.
Squid is listening to port 80 and 8080 only. I've got an acl that deny the
CONNECT method for being used for all ports except 443.
When I do a netstat I found out that:
myserverip:44271 202.103.8.114:4365
where 203.103.8.114 is ftp1.tvdown.com
The strange thing is that I cannot see any mention of this IP or domain inside access.log.
What could have cause squid to connect to that high port?
Thanks Liz
_________________________________________________________________ Find love on MSN Personals http://personals.msn.com.sg/
_________________________________________________________________
Keep track of Singapore & Malaysia stock prices. http://www.msn.com.sg/money/
