Adrian Thanks a lot for your kind reply, I understood the concept... Last question Reading your good explanation I thought that a "reverse ftp proxy" could improve security but unfortunately squid hasn't able. Can you suggest me some programs abled to act as reverse proxy? Is possibile to configure a reverse proxy with linux and some open source program? If not...is there some commercial software?
Thanks Marco Italy -----Messaggio originale----- Da: Adrian Chadd [mailto:[EMAIL PROTECTED] Inviato: mercoledì 13 dicembre 2006 19.38 A: Reale Marco Cc: squid-users@squid-cache.org Oggetto: Re: [squid-users] Reverse ftp proxy On Wed, Dec 13, 2006, Reale Marco wrote: > Hi > > I have a question not strectly closely related to squid but I hope > that someone kindly will reply to me. > I saw questions about ftp reverse proxy, reverse proxy etc... > But what exactly is an ftp reverse proxy? What is the difference at > tcp layer? An FTP proxy is one which: * provides an FTP server * relays requests to a backend FTP server where required * caches files which are requested by the clients Squid can do two of three but it doesn't provide FTP services at the present time. I doubt it'd be hard to write something to do it but I don't think any of the current squid developers have any spare time to do it. > Usually I configure a static nat (public ip to dmz ip) in order to > provide ftp service but if I would to configure a reverse proxy with > squid is possible? Not yet. > 1) Is Squid able to act as reverse ftp proxy? > 2) What is the difference at tcp layer? At the TCP layer - Squid would be accepting all FTP requests and speaking the FTP protocol. Data channels would terminate on the Squid proxy rather than being NATted through to the client. Squid would then issue its own TCP connections for control/commands and data requests if/where required. In the NAT form all that is happening is your firewall/gateway is NATting TCP sessions for FTP control and data as appropriate. In the Squid form all the FTP TCP sessions would terminate on the Squid server and the Squid server would then issue new FTP TCP sessions to the real FTP server. But as I said, Squid doesn't have this functionality. Adrian -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
