On Fri, 18 May 2001, Robert Davies wrote: >Cannot comment on ftp proxy, as I used masqueraded ftp at ipchains level, >which was a good solution. > > Rob
I don't agree... Didn't you find any trouble in merging active/passive mode...? It seems to me the best you can do with ipchains means to allow all ports 1024: <-> 1024: to talk each other and setting special DENY to unused services... it sounds not so good to me. Marco (1/2) On Fri, 18 May 2001, Reinemuth, Jens wrote: > > I'd like to proxy ftp, telnet, http, with a cache too, if I can... > > of course you can! every httpproxy does caching (otherwise it's a gateway or > router ;-)) The toy is to deny all internal (win&other) machines from acceding directly the external net; a simple local lan ---> proxy ---> internet, dns, mailsrv scheme. I thought to filter mail & dns services and to allow the rest via proxy. Not for caching but for security... but if I can cache too, why not? Now I'm wondering what's the proxy server made for me! I thought socks doesn't caching, perhaps it's wrong... and I think squid doesn't proxy ftp. > a proxy for "telnet"?? you wanna cache the input from the keyboard?? > or do you mean you want to set up a router/firewall with several proxies? The second you said! Thanks, 73 Marco (2/2)
