Linux Forums - Linux Help,Advice & support community:LinuxSolved.com

Network Troublshooting => Linux Servers Support => Topic started by: gauravbajaj on April 04, 2007, 10:30:42 AM

Title: blocking ftp through squid
Post by: gauravbajaj on April 04, 2007, 10:30:42 AM

Hey

1) I want to block ftp through squid.How can i do this?

2) Can I block particular ftp command like PUT or GET through squid itself?

Thanks
Gaurav Bajaj

Title: blocking ftp through squid
Post by: Ricky on April 04, 2007, 11:33:55 AM

Blocking ftp through squid is matter of blocking ports used by squid. .

I don't think that we can go that much advance in blocking in squid. But yes I am looking into.

Title: blocking ftp through squid
Post by: gauravbajaj on April 04, 2007, 11:49:54 AM

Ricky

Thanks for the reply

acl Safe_ports port 80      # http
acl Safe_ports port 21      # ftp
acl Safe_ports port 443 563   # https, snews
acl Safe_ports port 70      # gopher
acl Safe_ports port 210   # wais
acl Safe_ports port 1025-65535   # unregistered ports
acl Safe_ports port 280   # http-mgmt
acl Safe_ports port 488   # gss-http
acl Safe_ports port 591   # filemaker
acl Safe_ports port 777   # multiling http

http_access deny !Safe_ports

The above configration is default for squid..........to block ftp port can i change it into like this:

{means chaging Safe_ports to ftp_port }

acl ftp_port port 21      # ftp

http_access deny ftp_port

Thanks

Title: blocking ftp through squid
Post by: Ricky on April 07, 2007, 07:29:54 AM

No need to add anything.. just remove line

Code: [Select]

acl Safe_ports port 21 # ftp
And should do.. as then 21 is not considered as safe port and those are not safe.. are not allowed.

Title: blocking ftp through squid
Post by: gauravbajaj on April 07, 2007, 01:45:48 PM

Thanks Brother