Hello, I have a question regarding a native FTP relay (squid's version is 3.5.23).
I've tried to test this feature like this:

    [Filezilla Client, 1.1.1.2] <-----> [ Router: iptables + squid ] <-----> [vsftpd server, 5.5.5.10]

The router is a CentOS 6.5 machine. Firewall settings are:

    ip route flush table 100
    ip rule add fwmark 1 lookup 100
    ip route add local 0.0.0.0/0 dev lo table 100
    iptables -t mangle -N DIVERT
    iptables -t mangle -A DIVERT -j MARK --set-mark 0x01/0x01
    iptables -t mangle -A DIVERT -j ACCEPT
    iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
    iptables -t mangle -A PREROUTING -p tcp --dport 21 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 2121
    iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128

No other rules are defined and default policy for INPUT/OUTPUT/FORWARD is ACCEPT. The rp_filter is disabled. Squid's configuration file is attached.

With HTTP everything works fine, however FTP causes a problem. A client successfully connects and authenticates, but when it tries to execute LIST or RETR (when data connection should be established), Filezilla says "Connection closed by server". Meanwhile squid says the following:

    commBind: Cannot bind socket FD 17 to 1.1.1.2: (99) Cannot assign requested address

What can be wrong with this setup?

squid.conf
Description: Binary data
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users