Re: Firewalls
On Wed, 15 Mar 2000, Nigel Sale <Nigel.Sale@martin-baker.co.uk> wrote:
[...]
> However, when at work i sit behind a socks5 based proxy firewall,
> which kind of screws things up.
>
> Does anybody have experience of this ?
Sure. I live behind one at work and at home. Works good. :)
> I have just started playing with dante-client, which is supposed to
> allow you to 'socksify' applications, and it worked to a point with
> ftp in that i managed to connect to an external site, but got errors
> when i actually tried to ls or get, (cd worked fine).
Sure. The real issue is the design of the FTP protocol. It tries to open
a connection from the FTP server (outside the firewall) to your machine
(inside it) and this fails.
The SOCKS protocol only supports outbound connections (from your machine
to something else).
If you use the command 'pftp' rather than 'ftp', you will be able to do
FTP things - this is just the standard ftp client with the default of
passive mode rather than active mode.
Passive mode, incidentally, is different from active mode (the standard
one) in that the client machine (you) creates all the connections,
rather than the server creating any of them.
[...]
> But my ultimate reason for doing this is that i want to be able to use
> apt-get from behind this firewall....so i need to socksify apt-get,
> has anybody done this ?
Er. I had real problems with apt-get and dante working together. Then I
went to unstable and simply used my web proxy to do it all, which is
good.
You will need to look at the configuration for apt and see if it
supports passive FTP at all. If it does, you can use it with SOCKS (all
other things being equal). If you can't get it to use that, no luck, I
am afraid.
Good luck, and let me know if you are still having trouble.
Daniel
--
An idea that is not dangerous is unworthy to be called an idea at all.
-- Elbert Hubbard
Reply to:
- References:
- Firewalls
- From: "Nigel Sale" <Nigel.Sale@martin-baker.co.uk>