using squid
firstly make sure to load ip_nat_ftp on squid kernel !important!
# Module required for active an FTP server using NAT modprobe ip_nat_ftp
then
# iptables -A FORWARD -j ACCEPT
if this failed: enable ftp bypass on squid
http://labtestproject.com/linux_network/step_by_step_enable_ftp_on_squid_proxy_in_linux_fedora_10.html
acl FTP proto FTP
always_direct allow FTP
reload squid server and you're done
make sure to uncheck PASV transfer on your ftp client (see ref 1)
good reources to read more:
1. http://enterprisedt.com/products/edtftpjssl/doc/manual/html/howtoftpthroughafilewall.html
2. http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables
No comments:
Post a Comment