> I Plan to swithch over to OpenBSD 3.5 Proxy and Firewall > machine. So now I > have OpenBSD 3.5 installed on a computer with Squid Proxy > Installed on it. I > also managed to get Squid configured and the LAN users can access the > Websites on the Internet through it. There is no problem with > http access > and it is much faster I think. >
Squid is used to cache the http requests not the ftp requests. We can use the ftp with http requests as a passive request. > I am a bit confused about configuring the ftp proxy part of > it. I got a bit > confused from the documentation about transparent proxying and all. > > Could You please tell me what are the parameters I should > change in the > squid.conf and what values I should give them so that the > users in the LAN > can access the FTP sites as earlier? Are you trying on squid-2.5.x versions, then If you are firewall setting is not giving support for passive ftp requests, then use ftp_passive off There are few more parameters with the keyword ftp. > Is it possible to restrict users and specify which users can > access which > sites? We can give the access based on users,domains, sites, etc using the acl and http_access for http requests. There is two more applications avaialable as frox an wget for ftp proxying, http://frox.sourceforge.net/ http://www.gnu.org/software/wget/ You can control the users to access the ftp requests using frox or wget based on Squid acl's type ( Refer TAG: external_acl_type ) > Note: The Squid Proxy is installed on an OpenBSD 3.5 computer > with 2 NICs. > One NIC has an Internet static IP address and is connected to an ADSL > router. The other NIC has an Internal IP Address and is > connected to the LAN > switch. > Redirect all local users http or ftp requests to squid's internal IP address whose connection is with LAN switch. Forward all redirected requests to squid through the ADSL router IP-Address connected IP. > Could you also please refer me to some resource on the internet which > explains what "transparent proxying" is and what "passive > mode" and "active > mode" is. A transparant proxy basic details and linux implementation is available over here, http://squid.visolve.com/squid/trans_caching.htm See http://slacksite.com/other/ftp.html to know active vs passive mode ftp requests > If I enable "packet filtering" in OpenBSD are there specific > issues that I > should be careful about while using "Squid Proxy"? I am not known with OpenBSD* Regards, Muthukumar. --- =============== It is a "Virus Free Mail" =============== Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.726 / Virus Database: 481 - Release Date: 7/22/2004