HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
FTP does not work.... http://havp.hege.li/forum/viewtopic.php?f=3&t=490 |
Page 1 of 1 |
Author: | tomtux [ 05 Jan 2010 12:36 ] |
Post subject: | FTP does not work.... |
Hi all I've configured the following environment: client -> squid (listener tcp 3128) -> havp (listener tcp 8081) -> INTERNET All works fine. But I'm not able to make FTP-Downloads. I got the following error-message: Code: The request is unknown: FTP is currently supported only if PARENTPROXY is used! I configured my squid as written on the "ideas"-page: Code: ... ... cache_peer 127.0.0.1 parent 8081 0 no-query no-digest no-netdb-exchange default ... ... How can I configure the squid / havp to make ftp-downloads through havp? Thanks a lot. Tom PS: I read something with an additional listener and a redirection...but I'm not sure, if this will work in my scenario. |
Author: | hege [ 05 Jan 2010 15:53 ] |
Post subject: | Re: FTP does not work.... |
As it says, HAVP must use a parentproxy that knows ftp:// urls. So you need Squid->HAVP->Squid like in the example. |
Author: | tomtux [ 05 Jan 2010 16:04 ] |
Post subject: | Re: FTP does not work.... |
So, do I understand correctly, that I need to define a 2nd http_port on the squid where I can redirect the havp? Can I use the same squid? Has anyone a working configuration like Client -> SquidSRV -> HAVP -> SquidSRV (the same one) -> INTERNET? Thanks a lot. Tom |
Author: | tomtux [ 06 Jan 2010 10:12 ] |
Post subject: | [resolved] Re: FTP does not work.... |
It think, that I have found a valid working solution (similar the example). Thanks. Tom |
Author: | HeXer [ 11 Feb 2010 12:29 ] |
Post subject: | Re: FTP does not work.... |
@Tom I have the same problem here. What solution was it in your case? Thank you very much!! |
Author: | HeXer [ 11 Feb 2010 15:28 ] |
Post subject: | Re: FTP does not work.... |
Thank you very much TomTux!! Helped me a lot. So if anyone else has the same problem, here is the solution: Email from TomTox: Quote: My solution was as it is described in the ideas-section of the "server-side.de"-page (sandwich-situation): client --> squidproxy:3128 (cache_peer-directive) --> havp:8081 --> squidproxy:3129 For my test purposes, I installed all on one server: squid.conf ======== http_port 3128 http_port 3129 cache_peer 127.0.0.1 parent 8081 0 no-query no-digest no-netdb-exchange default havp.config ========= PORT 8081 PARENTPROXY 127.0.0.1 PARENTPORT 3129 So, the client will connect the proxy on port 3128. The proxy will use his "parent" (the havp) on port 8081. The havp itself will redirect again to the proxy on port 3129. If you don't use ftp, you do not need the 2nd connect (tcp 3129) to the squid. Hope, this helps. Kind regards, tomtux One important thing are the following instructions in squid.conf ====== always_direct allow localhost # allow connections from localhost (HAVP) always_direct allow CONNECT # always allow SSL connections direct without havp always_direct deny HTTP # deny all DIRECT http connections always_direct deny FTP # deny all DIRECT http connections ... never_direct deny localhost never_direct deny CONNECT # allow direct connections from localhost and for SSL never_direct allow HTTP never_direct allow FTP # deny direct connections for HTTP and FTP -> ask parent (HAVP) If someone finds errors or has a better idea how to implement this thing -> I would be very thankful! Regards, Frank |
Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |