2017-01-23 21:41 GMT+03:00 Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx>:
Needless to say, your specific needs may differ from that general
principle. It is possible that Squid needs a knob to handle your use
case differently. However, I am pretty sure that somebody does want
Squid to do what it does know so we should not change Squid behavior to
satisfy your use case.
I understand that, however the first and foremost reason I asked the question was that my use case pretends to be pretty typical :)
What if you can restrict the set of ports that Squid uses to accept
passive FTP data connections? That way, you can redirect only those data
connections that match those ports. This is not an ideal solution, and
Squid does not support that directly right now, but it might work in
principle.
I have thought about it, however these ports may interfere with real server's ports.
Another option is to modify Squid to report the expected data connection
IP:ports to some helper so that you can write a script that dynamically
modifies your network redirection rules.
I like this one more. It looks like a kind of ip_conntrack_ftp.
Thank you for the explanation, I will try to do something.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
