Search squid archive

Re: Allow SFTP connection to port 9122

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 20/01/2023 2:45 am, Emanuel Gonzalez wrote:
I have configured an instance with squid as a proxy service. HTTP/HTTPS requests pass through the proxy correctly.

aclSafe_ports port9122
aclSSL_ports port9122
aclSafe_ports port22
aclSSL_ports port22


But I need to connect to an SFTP service that listens on port 9122.

On the squid configuration side I have added port 9122 to the secure ports and the connection host to the hosts allowed in the dstdomain.

I have created the environment variables necessary to be able to exit through the proxy:

http_proxy=http://myprox.prod:3142

ftp_proxy=http://myproxy.prod:3142

https_proxy=http://myproxy.prod:3142

On 22.01.23 01:48, Amos Jeffries wrote:
Squid does not support this type of configuration. Each type of protocol syntax needs to use a different proxy port number.

they are three types of requests to be passed over HTTP, which is exactly what squid supports on single port.

GET http://
GET ftp://
CONNECT

imho the problem is that "nc -x" expects SOCKS proxy by default and OP issues:

'nc -v -xtheprovider-front.prod:3142 %h %p'

Current Squid versions also do not have working support for native SFTP.  For now you can only pass it through Squid if the client software sends the SFTP traffic over a HTTP(S) CONNECT tunnel.

nc would do that if he added "-X connect":

     -X proxy_protocol
             Use proxy_protocol when talking to the proxy server.  Supported
             protocols are 4 (SOCKS v.4), 5 (SOCKS v.5) and connect (HTTPS
             proxy).  If the protocol is not specified, SOCKS version 5 is
             used.

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux