Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

FTP from a browser via explicit proxy.

peter_hutton
Nimbostratus
Nimbostratus

‎06-Mar-2018 06:50

We are using the F5 explicit proxy to proxy our HTTP and HTTPS. This doesn't natively support ftp via the browser. We are using the ftp proxy irule for ftp client based connections from ftp software but this doesn't support proxy connect method.

 

IS it possible to send the type traffic to another vip or port, does anyone know if there is a supported way of doing this.

 

Our bluecoats just work for address type ftp://

 

Thankyou

 

Labels:
2 REPLIES 2

palkendo_234278
Nimbostratus
Nimbostratus

‎19-Mar-2018 14:20

Were you able to get an answer for this? I have not been able to make this work from a browser unless I am using a transparent proxy on the F5.

 

Ano
Nimbostratus
Nimbostratus

‎05-Jan-2021 23:16 - last edited on ‎22-Nov-2022 07:47 by Fog

Hi Peter

I am also trying to solve a same situation, but I can't.

I'm using HTTP_PROXY_REQUEST on iRule, but HTTP_PROXY_REQUEST can't control the "ftp://".

Mr.totof said work fine in the case of the "HTTP_REQUEST".

  https://devcentral.f5.com/s/feed/0D51T00006i7RYsSAM

So, I thought if "HTTP_REQUEST" could control the FTP over HTTP, "HTTP_PROXY_REQUEST" is also could, but couldn't.

HTTP_PROXY_REQUEST

https://clouddocs.f5.com/api/irules/HTTP_PROXY_REQUEST.html

Triggered when a virtual server has proxy-mode explicit set and one of the following two scenarios are true:
・the request has a full uri of the form http://hostname:port/path (much like HTTP_REQUEST, but with access to the original uri)
・the request is a CONNECT request (e.g. CONNECT hostname:port HTTP/1.1)

After that, I tried "CLIENT_ACCEPTED" and "CLIENT_DATA" as below.

when CLIENT_ACCEPTED{
	TCP::collect
}
when CLIENT_DATA{
	if [ string tolower [TCP::payload 10]] contains "get ftp://" ] {
		bla bla bla
		pool test_pool
		# In my case, I want to transfer other HTTP proxy.
	}
}

But the situation is not changing, BIG-IP response HTTP Status Code 400 again.

Someone, do you have any ideas?​

0 Kudos
Copyright © 2023 Khoros, LLC