On 20/01/2023 2:45 am, Emanuel Gonzalez wrote:
I have configured an instance with squid as a proxy service.
HTTP/HTTPS requests pass through the proxy correctly.
aclSafe_ports port9122
aclSSL_ports port9122
aclSafe_ports port22
aclSSL_ports port22
But I need to connect to an SFTP service that listens on port 9122.
On the squid configuration side I have added port 9122 to the secure
ports and the connection host to the hosts allowed in the dstdomain.
I have created the environment variables necessary to be able to
exit through the proxy:
http_proxy=http://myprox.prod:3142
ftp_proxy=http://myproxy.prod:3142
https_proxy=http://myproxy.prod:3142
On 22.01.23 01:48, Amos Jeffries wrote:
Squid does not support this type of configuration. Each type of
protocol syntax needs to use a different proxy port number.
they are three types of requests to be passed over HTTP, which is
exactly what squid supports on single port.
GET http://
GET ftp://
CONNECT
imho the problem is that "nc -x" expects SOCKS proxy by default and OP issues:
'nc -v -xtheprovider-front.prod:3142 %h %p'
Current Squid versions also do not have working support for native
SFTP. For now you can only pass it through Squid if the client
software sends the SFTP traffic over a HTTP(S) CONNECT tunnel.
nc would do that if he added "-X connect":
-X proxy_protocol
Use proxy_protocol when talking to the proxy server. Supported
protocols are 4 (SOCKS v.4), 5 (SOCKS v.5) and connect (HTTPS
proxy). If the protocol is not specified, SOCKS version 5 is
used.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
