I am using squid for FTP proxy. It looks like squid uses ftp active connections resulting in the server choosing a random port for communication when sending back to my firewall. ipchains doesn't seem to have a way to deal with this and I do not want to open a large range of ports that will cover all that "might" be chosen by servers.
Is there some way to tell the OS to temporarily allow the chosen random port? Is there a way to have squid tell ftp servers to use a specific port? Other thoughts and options? Thank you,

