HTTP Anti-Virus Proxy

Official HAVP Support Forum
Registration disabled, I'm tired of spambots. E-mail havp@hege.li if you have questions.
HAVP project is pretty much frozen/abandoned at this time anyway.


All times are UTC + 2 hours [ DST ]




Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post subject: FTP does not work....
PostPosted: 05 Jan 2010 12:36 
Offline

Joined: 05 Jan 2010 12:16
Posts: 3
Hi all

I've configured the following environment:

client -> squid (listener tcp 3128) -> havp (listener tcp 8081) -> INTERNET

All works fine. But I'm not able to make FTP-Downloads. I got the following error-message:

Code:
The request is unknown:
FTP is currently supported only
if PARENTPROXY is used!


I configured my squid as written on the "ideas"-page:

Code:
...
...
cache_peer 127.0.0.1 parent 8081 0 no-query no-digest no-netdb-exchange default
...
...


How can I configure the squid / havp to make ftp-downloads through havp?
Thanks a lot.
Tom

PS: I read something with an additional listener and a redirection...but I'm not sure, if this will work in my scenario.


Top
 Profile  
 
PostPosted: 05 Jan 2010 15:53 
Offline
HAVP Developer

Joined: 27 Feb 2006 18:12
Posts: 687
Location: Finland
As it says, HAVP must use a parentproxy that knows ftp:// urls. So you need Squid->HAVP->Squid like in the example.


Top
 Profile  
 
PostPosted: 05 Jan 2010 16:04 
Offline

Joined: 05 Jan 2010 12:16
Posts: 3
So, do I understand correctly, that I need to define a 2nd http_port on the squid where I can redirect the havp? Can I use the same squid?

Has anyone a working configuration like

Client -> SquidSRV -> HAVP -> SquidSRV (the same one) -> INTERNET?

Thanks a lot.
Tom


Top
 Profile  
 
PostPosted: 06 Jan 2010 10:12 
Offline

Joined: 05 Jan 2010 12:16
Posts: 3
It think, that I have found a valid working solution (similar the example).
Thanks.
Tom


Top
 Profile  
 
PostPosted: 11 Feb 2010 12:29 
Offline

Joined: 11 Feb 2010 12:25
Posts: 2
@Tom
I have the same problem here.

What solution was it in your case?

Thank you very much!!


Top
 Profile  
 
PostPosted: 11 Feb 2010 15:28 
Offline

Joined: 11 Feb 2010 12:25
Posts: 2
Thank you very much TomTux!!

Helped me a lot.

So if anyone else has the same problem, here is the solution:

Email from TomTox:
Quote:
My solution was as it is described in the ideas-section of the
"server-side.de"-page (sandwich-situation):

client --> squidproxy:3128 (cache_peer-directive) --> havp:8081 -->
squidproxy:3129

For my test purposes, I installed all on one server:

squid.conf
========
http_port 3128
http_port 3129
cache_peer 127.0.0.1 parent 8081 0 no-query no-digest no-netdb-exchange
default


havp.config
=========
PORT 8081
PARENTPROXY 127.0.0.1
PARENTPORT 3129

So, the client will connect the proxy on port 3128. The proxy will use his
"parent" (the havp) on port 8081. The havp itself will redirect again to
the proxy on port 3129. If you don't use ftp, you do not need the 2nd
connect (tcp 3129) to the squid.

Hope, this helps.
Kind regards,
tomtux


One important thing are the following instructions in

squid.conf
======
always_direct allow localhost
# allow connections from localhost (HAVP)

always_direct allow CONNECT
# always allow SSL connections direct without havp

always_direct deny HTTP
# deny all DIRECT http connections

always_direct deny FTP
# deny all DIRECT http connections

...

never_direct deny localhost
never_direct deny CONNECT
# allow direct connections from localhost and for SSL

never_direct allow HTTP
never_direct allow FTP
# deny direct connections for HTTP and FTP -> ask parent (HAVP)

If someone finds errors or has a better idea how to implement this thing -> I would be very thankful!

Regards,

Frank


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

All times are UTC + 2 hours [ DST ]


Who is online

Users browsing this forum: Google [Bot] and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group