Hello Eliezer, I have more tan 100 clients and only 2 of them demand active ftp, so only bcz of them we are rolling-back to Windows. Squid works perfectly with the other 100+ clients, so I am really happy with Squid, and I will use it in the future for sure. I can't redefine the thing bcz it depends on my clients, not on me. Thank you very much for your interest and feedback. Regards __________________________________________________________________________ __________________________________________ Hey, Can you re-define your scenario? Squid in it's basic form is merely a http proxy which you can use to fetch ftp requests. I do not know exactly what you expect but when you use squid as a FTP proxy it would convert the ftp connection into http. If you are using a specific ftp client it might be different and then you would need the port 21 on the Safe_Ports list. But you cannot force a server to use an active or passive connection since the ftp service will be defined only for active or for both active and passive connections. This is not in the hand of squid... If you have a specific ftp address which we can use to test it would help a lot. Eliezer ---- http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: eliezer@xxxxxxxxxxxx From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of javier perez Sent: Thursday, June 15, 2017 1:53 PM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: RV: squid Good morning squid users, Im facing a weird situation in my Company let me explain: I installed squid(3.5.20) on CentOS 7 minimal to perform as an ftp-proxy. My configuration file looks like this: /etc/squid/squid.conf ########################################################################## ## ## acl SSL_ports port 443 21 ftp_port 21 ftp_passive off ########################################################################## ## ## acl Safe_ports port 80 # http acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 21 acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT ########################################################################## ## ## acl FTP proto FTP always_direct allow FTP ########################################################################## ## ## http_access allow CONNECT SSL_ports http_access allow CONNECT Safe_ports http_access allow SSL_ports http_access allow Safe_ports http_access allow all http_access allow FTP ########################################################################## ## ## http_port 3128 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 ########################################################################## ## ## The thing is that the parameter ftp_passive off seems not to be working Due to security measures we have to use non-passive mode to be able to transfer anything. The connection works fine with the remote hosts, the login works, but I have to enter passive every single time to swap the mode to non-passive. I dont know whether the ftp_passive is not working or I need to do something else. After doing a deep research I cannot find much information related with this kind of problems, so I decided to get in touch with you. Please help!! Thanks in advance. Regards _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users