Csaba KETSZERI wrote:
> How can I force the users to turn on the proxy for ftp-ing?
> (I know it is mainly an ipchains question, but may a few of
> the members of this list has done things like this....)
Block it, or redirect it to a simple TCP service returning a message
like this:
421-FTP is only allowed thru proxying
421-
421-To access FTP you must reconfigure your web browser to use
421-your.proxy.com port 3128 as proxy for FTP.
421-
421-(more detailed instructions on how to configure proxy settings)
421-
421 Access denied
[and the same message repeated one more time]
The TCP service can be as simple as cat /path/to/ftp_message.txt
/path/to/ftp_message.txt from inetd.conf
The message needs to be repeated twice due to protocol errors in
Netscape Navigator and possibly other browsers, where the first error is
silently ignored.
And cross your fingers that IE at least tries to display the error
instead of substituting it's own idea on why the server responded with
an error indication (like it does for most proxy generated errors)
-- Henrik Nordstrom Squid hackerReceived on Wed Dec 22 1999 - 06:49:16 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:05 MST