Good Morning, could you take a look at my config and advise? On Tue, Apr 27, 2010 at 19:49, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > On Tue, 27 Apr 2010 10:44:12 -0400, Milan <compguy030471@xxxxxxxxx> wrote: >> I have a Squid 2.7 build on Windows 2003 and I am trying to allow ftp >> access thru the proxy. >> >> I have added the lines below as suggested: >> >> acl ftp proto FTP >> http_access allow ftp >> >> >> No avail. I can access if i type ftp://username:password@url-path >> >> Is their any way to configure to access by ftp://ftp.destination.com? > > The default config allows web browsers to open FTP URLs. > > The config you tried is only needed if you would otherwise be blocking > access. > It should work provided that you place it in the right part of squid.conf. > > Order is important. > > Amos >
cache_peer proxy2.us.webscanningservice.com parent 3128 0000 default no-query no-digest auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe auth_param ntlm children 40 auth_param ntlm keep_alive on auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off external_acl_type AD_global_group ttl=120 %LOGIN c:/squid/libexec/mswin_check_ad_group.exe -G ftp_user squid@xxxxxxxxxxxxxx acl all src all #0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl goto_meeting dst 216.115.208.0/20 216.219.112.0/20 66.151.158.0/24 66.151.150.160/27 66.151.115.128/26 64.74.80.0/24 202.173.24.0/21 67.217.64.0/19 78.108.112.0/20 68.64.0.0/19 206.183.100.0/22 acl WindowsUpdate dstdomain -i "c:/squid/etc/windowsupdate.txt" acl bypass_auth src "C:\squid\etc\ByPass_Auth_SRC_IP.txt" acl bypass_auth-external dstdomain "C:\squid\etc\ByPass_Auth_DST_DOMAIN.txt" acl DIRECT src "C:\squid\etc\Direct_SRC_IP.txt" acl DIRECT-external dstdomain "C:\squid\etc\Direct_DST_DOMAIN.txt" acl Java browser Java/[0-9] acl Approved_IP dstdomain "C:\squid\etc\Approved_IP.txt" # Domains accessible to all PC's acl Approved_Domains dstdomain "C:\squid\etc\Approved.txt" acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl ftp proto FTP acl authproxy proxy_auth REQUIRED acl our_networks src 172.16.0.0/12 acl HEAD method HEAD acl InetAllow external AD_global_group NA\CLW.Squid.Full acl password proxy_auth REQUIRED src 172.16.0.0/12 #MP http_access allow manager localhost http_access allow HEAD http_access allow ftp http_access allow WindowsUpdate http_access allow bypass_auth http_access allow bypass_auth-external http_access allow Approved_Domains http_access allow goto_meeting http_access allow Java http_access allow Approved_IP http_access allow InetAllow http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny !our_networks icp_access allow all http_access deny all http_port 172.23.4.22:3128 hierarchy_stoplist cgi-bin ? access_log c:/squid/var/logs/access.log squid cache_log c:/squid/var/logs/cache.log squid cache_store_log none acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl apache rep_header Server ^Apache broken_vary_encoding allow apache coredump_dir c:/squid/var/cache acl INTERNAL dst 172.16.0.0/12 always_direct allow INTERNAL
