Cannot deny FTP squid
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > Web Servers reviews > Squid > Cannot deny FTP squid




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    Cannot deny FTP squid  
tornado


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
09-23-04 03:26 AM

Hello all,

We have smoothwall as our firewall. I am also using it as
proxy in a transperant mode. I have a problem on my hand. I want to
deny all the ftp requests
from the our network. I have also configured ACL's accordingly. But,
to my amazement it simply doesnt seem to work. I can still access any
ftp site eg: ftp://kernel.org in a browser as well as from command
line !!

Here is a part of acl's:

acl badfiles url_regex -i "/var/smoothwall/proxy/badfiles"
acl mgmt src "/var/smoothwall/proxy/mgmt_adds"
acl FTP proto FTP
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255

acl SSL_ports port 445 443 441 563
acl Safe_ports port 80                  # http
acl Safe_ports port 81                  # smoothwall http
acl Safe_ports port 445 443 441 563     # https, snews
acl Safe_ports port 70                  # gopher
acl Safe_ports port 210                 # wais
acl Safe_ports port 1025-65535          # unregistered ports
acl Safe_ports port 280                 # http-mgmt
acl Safe_ports port 488                 # gss-http
acl Safe_ports port 591                 # filemaker
acl Safe_ports port 777                 # multiling http
acl CONNECT method CONNECT


http_access allow localhost
http_access deny FTP
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny badfiles !mgmt
http_access allow localnet
http_access deny all


I really dont understand what i am doing wrong or silly !

Any kind of help will be appreciated.
Thanks.




[ Post a follow-up to this message ]



    Re: Cannot deny FTP squid  
Mike


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
09-23-04 03:26 AM

tornado wrote:

> I really dont understand what i am doing wrong or silly !

Not restarting squid?

Not using a Watchguard instead?



--

------------------------------------

Real email to mike. The header email is a spam trap and you will be
blacklisted,
submitted to anti-spam sites and proably burn in hell.




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 11:54 AM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register