FTP proxy

tomcatf14 · Feb 4, 2009

Hi,

I need to setup a FTP proxy server so I could use the server in the DC to access the FTP service on another server from home. How can I do this on FreeBSD?

In case I'm not clear, the case would be as follow:-

User ---proxy--> Server A --FTP--> Server B

The reason I'm doing this is because Server B only allow FTP access from static IP but I only could get dynamic IP from my ISP.

DutchDaemon · Feb 4, 2009

You could try installing a Squid proxy on Server A, listening on localhost only. Because your address is dynamic it will be difficult to put it into an access restriction (acl) on Squid, and you don't want an open proxy on that server .. Having it bind to localhost only will be safe.

Then SSH into Server A, portforwarding your local port 3128 to Server A's localhost address on port 3128 (ssh -L 3128:localhost:3128). Then use 'localhost:3128' as a proxy in your FTP program.

You will then have the following connections:

Tunnel: You -> SSH -> Server A
FTP: You -> localhost:3128 -> server A:localhost:3128 -> server A

ublic_ip -> Server B FTP

Ico · Apr 23, 2009

hm

Actually I am trying to do the exact same thing and it just isn't working for me.

I have an SSH tunnel working like a champ and I am forwarding my :80 traffic through the tunnel as we speak in fact. But I can't get the FTP to work through the squid. I have added some lines to the squid.conf and restarted it.

Code:

acl ftp proto FTP
http_access allow ftp
acl Safe_ports port 21        # was already here...

I am trying to use gFTP with Proxy server type: HTTP proxy
Proxy hostname: localhost
Proxy port: 3128

At the moment I am reading the man ftp page to see what the CLI command would look like for using the proxy...

Anyone have any experience doing this?

DutchDaemon · Apr 23, 2009

As far as I know, Squid will only handle

HTML:

ftp://ftp.example.com/

and

HTML:

ftp://user:password@ftp.example.com/

type URLs, not native FTP commands. This usage is restricted to downloading.

Maybe ftp-proxy(8) can do what you want.

Ico · Apr 23, 2009

Ahhhh and here I was thinking squid supports full ftp functions. That explains many things. Thanks

edhunter · Apr 27, 2009

I use ftp/jftpgw as ftp proxy - very easy to configure, and works almost out of the box. But in your case it has a drawback - it's "access lists" are only by ip.

You could also try net/delegate - proxy server with many features (including ftp).

FTP proxy

tomcatf14

DutchDaemon

Administrator

Ico

DutchDaemon

Administrator

Ico

edhunter