Hello there,
First off, let's make sure you have the following lines in your squid.conf, located at /etc/squid/squid.conf:
acl FTP proto FTP
always_direct allow FTP
Make sure they are located right below the acl where you allow all your clients to use the proxy server.
Then do the following:
CODE
/etc/init.d/squid stop
/etc/init.d/squid start
On your firewall, make the following modifications:
Add the following lines to the /etc/rc.d/rc.local file:
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp
Once done, save the file.
Then type the following (only this once, so you don't have to restart the firewall to make it work):
CODE
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_nat_ftp
Then type in the following:
CODE
iptables -A INPUT -i $extif -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i $extif -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $extif -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
Try connecting to an FTP site with your client; it should work.
Now you can add these iptables rules to your iptables script so that they will be there from now on, even if you restart the firewall.
$extif = your external interface, the one that is connected to the ISP.
hope this helps
Sincerely,
Robert B
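As an added example that is not part of the post above, here is a small POSIX shell script that wraps the firewall half of the procedure: it generates the three iptables rules for a named external interface (refusing an empty name, since an unset $extif would hand iptables an empty "-i" argument), checks that both FTP conntrack helpers are actually loaded, and only then applies the rules. It assumes iptables and modprobe live in the usual places; the function names are mine.

```shell
#!/bin/sh
# Added example, not the original poster's code.

# Print the three INPUT rules for the given external interface without
# applying them. Refuses an empty interface name so a forgotten $extif
# cannot produce a broken or over-broad rule.
ftp_rules() {
    extif="$1"
    if [ -z "$extif" ]; then
        echo "ftp_rules: external interface name required" >&2
        return 1
    fi
    cat <<EOF
iptables -A INPUT -i $extif -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i $extif -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $extif -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
EOF
}

# Return 0 only when both FTP helpers appear in the module list
# (default /proc/modules). Newer kernels name them nf_conntrack_ftp and
# nf_nat_ftp instead of ip_conntrack_ftp and ip_nat_ftp, so accept both.
ftp_helpers_loaded() {
    modlist="${1:-/proc/modules}"
    grep -Eq '^(ip|nf)_conntrack_ftp ' "$modlist" &&
        grep -Eq '^(ip|nf)_nat_ftp ' "$modlist"
}

# Load the helpers, confirm they are present, then apply the rules.
# Run as root on the firewall, e.g.: apply_ftp_rules eth0
apply_ftp_rules() {
    /sbin/modprobe ip_conntrack_ftp || return 1
    /sbin/modprobe ip_nat_ftp || return 1
    ftp_helpers_loaded || { echo "FTP helpers not loaded" >&2; return 1; }
    ftp_rules "$1" | sh -e
}
```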