Re: Problems with FTP and Squid (part 2)

<rmendes@email.ip-network.com> "Rui Mendes writes:
> In my last request I wrote that I have problems with Squid 2.2.S4 and FTP.
> I received one answear saying that the problem was maybe coming from my
> browser. I had
> MS IE 5.0 on my PC.
> Now, I installed Netscape 4.01 and I have still the same problem . It is
> impossible to do FTP with it.

Does this apply to all sites, or only some? Many sites reject FTP
connections which don't supply a valid email address.

I notice that you have no ftp_user line configured; try adding

ftp_user admin@clt-ufa.net

> Details about my network:
...
> - proxy is Squid 2.2.S4 running under RedHat Linux 5.2
> - on my PC I have Windows NT 4.0 Workstation
> - the browser is now Netscape 4.01
> The configuration of squid is as follows:
> http_port 8080
> icp_port 3130
> hierarchy_stoplist cgi-bin?

^^^^^^^^^^^^ a typo! put a space between them, or this will work wrong.

> cache_mem 70 MB
> cache_swap_low 80
> cache_swap_high 90
> maximum_object_size 6000 kB
> cache_dir /usr/local/squid/logs/acces.log
> cache_log /usr/local/squid/logs/cache.log
> emulate_httpd_log off
> pid_filename /usr/local/squid/logs/squid.pid
> debug_options ALL,1
> ftp_list_width 64
> dns_children 5
> quick_abort_min 512 KB
> quick_abort_max 4096 KB
> quick_abort_pct 80
> connect_timeout 120 seconds
> #Defaults:
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> acl CONNECT method CONNECT
> #Defaul configuration:
> http_access allow menager localhost
                    ^^^^^^^
> http_acces deny manager

^^^^^^^^^^^^ a couple typos! (but that shouldn't affect it, I hope.)

> http_access deny !Safe_ports
> http_access allow all
> cache_mgr admin
> cache_effective_user squid
> cache_effective_group squid
> dns_testnames netscape.com internic.net
> logfile_rotate 5
> append_domain .clt-ufa.net
> minimum_direct_hops 4
> acl a dst 192.40.250.115
> acl b dst 192.40.250.23
> acl c dst 192.40.250.93
> never_direct deny a
> never_direct deny b
> never_direct deny c
> acl alls dst 0.0.0.0/0.0.0.0
> never_direct deny alls

Why are you specifying 3 specific "never_direct deny" destinations, and
then specifying all destinations as "never_direct deny"? I think the
latter should be the Squid default - it should not require you to go to
an upstream cache, but should go direct if the upstream cache is not
available. Was one of those "never_direct"s supposed to be an "allow",
to force some or all traffic to an upstream cache?

  -- Clifton

-- 
 Clifton Royston  --  LavaNet Systems Architect --  cliftonr@lava.net
        "An absolute monarch would be absolutely wise and good.  
           But no man is strong enough to have no interest.  
             Therefore the best king would be Pure Chance.  
              It is Pure Chance that rules the Universe; 
          therefore, and only therefore, life is good." - AC