Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Squid Proxy Server!, Not able to use WS_FTP through my squid
singhalapurv
post Sep 15 2005, 12:33 AM
Post #1


Whats this Lie-nix Thing?
*

Group: Members
Posts: 2
Joined: 15-September 05
Member No.: 5,520



Hi all,

i have configured Squid proxy server in Fedoracore3. I am able to access internet from window system.But when i am using WS_FTP from windows, i am not able to connect to the ftp users.I am getting the following error:
"connection failed"
Please if any one can help me.

Thanks,

Apurv
Go to the top of the page
 
+Quote Post
Robert83
post Sep 15 2005, 03:50 AM
Post #2


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hello there,

First of let's make sure you have the following lines in your squid.conf

located here /etc/squid/squid.conf

acl FTP proto FTP
always_direct allow FTP

make sure it is located right bellow your acl where you allow all your clients to use the proxy server.

then do the following

CODE
/etc/init.d/squid stop
/etc/init.d/squid start


on your firewall do the following modifications :

add the following lines to /etc/rc.d/rc.local file

/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp

once done, save the file.

then type the following (only doing it this time, so you don't have to restart the firewall to make it work)

CODE
/sbin/modprobe ip_conntrack_ftp
/sbin/ip_nat_ftp


then type in the following :

CODE
iptables -A INPUT -i $extif -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i $extif -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $extif -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT


try connecting to ftp site with your client, it should work.

now you can add these iptables rules to your iptables script so that they will be there from now on, even if you restart the firewall.

$extif = your external interface, the one which is connected to the ISP

hope this helps

Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 15th December 2017 - 08:17 PM