Hello everyone,
I'm trying to make ftp go directly without squid touching it...but failing at it...
acl FTP proto FTP always_direct allow FTP
I've left IE 6 at default (proxy is configured) but display ftp folderview is checked...and passive is unchecked...
and I still get errors when I wanna open ftp... using folder view in IE
200: SWITCHING TO ASCII MODE 500: ILLEGAL PORT COMMAND 500: Unknown COMMAND
my iptables is modifid like this to allow (hopefully) both active passive ftp
iptables -A INPUT -i eth1 -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --dport 20 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth1 -p tcp --sport 1024:65535 --dport 1024:65535 -m state ESTABLISHED,RELATED -j ACCEPT
a simple drawing of how my clients access the internet
clients ---- PROXY SERVER --- Firewall
my ISP did it for the ftp dunno how but they use squid...transparent and ftp works if I turn of my proxy server...
so I guess this is something I did wrong, could anyone give me a hint ? ( != firefox :) )
Sincerely
Robert B
