Hello, I have a question regarding a native FTP relay. I have tried to test this feature like this:
[Filezilla Client, 1.1.1.2] <-----> [ Router: iptables + squid ] <-----> [vsftpd server, 5.5.5.10]

Firewall settings on the router are:

    ip route flush table 100
    ip rule add fwmark 1 lookup 100
    ip route add local 0.0.0.0/0 dev lo table 100
    iptables -t mangle -N DIVERT
    iptables -t mangle -A DIVERT -j MARK --set-mark 0x01/0x01
    iptables -t mangle -A DIVERT -j ACCEPT
    iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
    iptables -t mangle -A PREROUTING -p tcp --dport 21 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 2121
    iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128

No other rules are defined; the default policy in the chains is ACCEPT.

Squid's configuration file is attached. With HTTP traffic everything works fine; however, FTP causes a problem. A client successfully connects and authenticates, but when it tries to execute LIST or RETR (when the data connection should be established), Filezilla says "Connection closed by server". In Squid's log I have noticed some errors when establishing the data connection (?), like "failed to connect FTP server data channel". The log is also attached. What can be wrong with this setup?

Attachments: cache2.log, squid.conf
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users