FileZilla Forums

Welcome to the official discussion forums for FileZilla
Donate to project
It is currently 2014-04-24 00:49

All times are UTC




Post new topic Reply to topic  [ 9 posts ] 
Author Message
PostPosted: 2004-05-12 17:54 
Offline
500 Command not understood

Joined: 2004-05-12 17:45
Posts: 1
I installed Filezilla on a machine behind a firewall. Access to HTTP and FTP is only possible through an HTTP proxy.

I configured Filezilla to use the HTTP proxy. It fails. If I use Internet Explorer with an ftp:// URL, it works.

From an Ethereal dump, I saw that Filezilla sends CONNECT <site name>:21 to the proxy, while IE sends GET ftp://<site name>/ . The proxy then sends the 200 OK reply to IE, while Filezilla gets a 302 Redirected (the URL to which the request is redirected, browsed with IE, says that proxy blocked access).

So, maybe Filezilla should use a plain GET, or allow the user to choose between GET and CONNECT.


Top
 Profile  
 
 Post subject:
PostPosted: 2004-05-12 17:59 
Offline
Site Admin
User avatar

Joined: 2004-02-23 20:49
Posts: 22556
Using CONNECT, the HTTP proxy acts as tunnel, using GET the proxy acts as FTP to HTTP gateway.
But FileZilla is a FTP client and does not support the HTTP protocol the proxy uses on GET.
Please configure your proxy to allow CONNECT or use a true ftp proxy.


Top
 Profile  
 
 Post subject:
PostPosted: 2004-07-23 18:49 
Offline
500 Command not understood

Joined: 2004-07-23 18:32
Posts: 2
If you don't support the HTTP protocol then why does the Proxy Settings page have a choice "HTTP 1.1 proxy". (I don't see this choice in any of the documentation, but it is present in the GUI.) I assume that this choice uses basic authentication (send user/pwd in the clear) as opposed to NTLM. There's another thread asking about NTLM authentication to the proxy server. Is this something that you see as a possibility?

FZ is great (and would be better if I could use it at work through our proxy server that only allows NTLM authentication).. Thanks!

_________________
Neal


Top
 Profile  
 
 Post subject:
PostPosted: 2004-07-24 10:46 
Offline
Site Admin
User avatar

Joined: 2004-02-23 20:49
Posts: 22556
FileZilla does support one specific method of the HTTP protocol.

In order to use the other methods, FileZilla would have to have an HTML parser, since most http proxies to return HTML pages if using for example the GET option.


Top
 Profile  
 
 Post subject:
PostPosted: 2004-09-15 15:04 
Offline
500 Command not understood

Joined: 2004-09-15 14:46
Posts: 4
I encounter the same problem.

Do you think this html piece of work could be put on the todo list, in order to have the GET method ?

"wget" does get through such a proxy. and wget is quite a lightweight app ;-)

By the way, the proxy is Squid.


Top
 Profile  
 
 Post subject:
PostPosted: 2004-09-15 16:12 
Offline
Site Admin
User avatar

Joined: 2004-02-23 20:49
Posts: 22556
To support GET, FZ would have to be a complete HTTP client. So that won't be implemented soon. *May* be a project for the distant future.


Top
 Profile  
 
 Post subject:
PostPosted: 2004-09-15 16:24 
Offline
500 Command not understood

Joined: 2004-09-15 14:46
Posts: 4
Would you know if authorizing a connect method to port 21 is of any security concern ?


Top
 Profile  
 
 Post subject:
PostPosted: 2004-09-15 16:42 
Offline
Site Admin
User avatar

Joined: 2004-02-23 20:49
Posts: 22556
Any internet access, regarding of used port or protocol is a security concern, even normal GET on port 80. Everything can be encoded in the GET command or in the reply.

There is no reason not to allow CONNECT if you allow GET.


Top
 Profile  
 
PostPosted: 2008-11-25 23:07 
Offline
500 Command not understood

Joined: 2008-11-25 22:59
Posts: 1
For those of you who have an HTTP proxy configured to allow only NTLM authentication and allows you to use HTTP CONNECT:

You can use a tool called cntlm that will allow you to set up a local proxy that does NOT require NTLM authentication, that will pass any requests you send to it through your corporate proxy with NTLM authentication. You just need to set up FileZilla to point to the local proxy.

Check out http://cntlm.awk.cz/.

This allow you to use any application that supports HTTP proxy but not NTLM authentication.

Hope this helps somebody!


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 9 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 13 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Dedicated server provided by Artmotion.
Forum sponsored by Everyware.ch.
Powered by phpBB® Forum Software © phpBB Group