Hello Marius, On Thursday, 21. March 2002 17:11, you wrote:
All internal traffic to one external ftp-server ??
All internal ftp traffic to --> internet over a "transparent" ftp proxy
How can i configure my proftp to listen localy on port 21 and use the proxy for outgoing ftp demands?
IMHO proftpd does not support this - it is a server, not a client and it does no client requests at all.
Ok, i ll try to configure the proftp on another port
Why does the "transparent" doesn't work?
Transparent proxying does not work for outgoing connections on the gateway but for incoming:
client --> gateway --> internet | | (redirection) | |-> proxy -->
if the requests comes to the gateway and are not directed to the gateway but to an other host, the kernel should redirect (acc. to your rules) them to the proxy running on the gateway and the proxy "reads" the destination the client wants to connect and connects to this destination.
Ok, i have to disable the masq module ftp in the firewall?
you can't start a client on the gateway itself and use the proxy in transparent more from there - it works only for clients "behind" the gateway.
understand, but this won't work here.
Masquerading is done by the firewall, do i have to disable ftp-forwarding in FW_MASQ_MODULES= ?
Please draw a ascii picture of your network and how the request should work.
I do not really understand what you want to configure.
client http proxy setting to --> gateway port 3128 --> internet ftp no proxy setting --> gateway port 21| ^ | | Trans-Proxy --| other protocols --> gateway masq --> internet if there are proxys for the other protocols available, i`ll try to configure it, step by step. The problem is that outgoing ftp demands aren`t going over the proxy, but directly over the gateway. I don´t know how to redirect ftp demands without modifying the clients to use a proxy. in var/log/messages are entrys about the local test: Mar 22 09:11:30 mserver ftp-child[6431]: USER-INF 'PASS XXXX' from 172.16.2.5 Mar 22 09:11:31 mserver ftp-child[6431]: USER-INF 'PWD' from 172.16.2.5 Mar 22 09:11:31 mserver ftp-child[6431]: USER-INF 'SYST' from 172.16.2.5 Mar 22 09:11:45 mserver ftp-child[6431]: USER-INF 'QUIT' from 172.16.2.5 but no entrys from a connect client --> outside ftp server like ftp.suse.com -- Best regards, Dietmar mailto:earthmate@gmx.net