http_access allow all is a bad thing. Usually it should read like
acl mynetworks src 192.168.1.0/24
http_access allow mynetworks
(assuming your internal network is 192.168.1.0/24)
Regarding the FTP problem. If you have problem reaching some FTP sites
then the problems are most likely caused by either
* inproper firewalling of ident requests. Many FTP servers expect the
machine to respond on the ident port (113), either with ident or "TCP
Reset".
* Non-working reverse lookups of the external IP of the proxy.
-- Henrik Nordstrom Squid hacker Mike Egglestone wrote: > > Hi.. > Question about a user FTP ing through the proxy.... > > I have a basic default install of squid > I put an FTP block using IP chains.... > I figured that because the proxy was set in the browser... > I could use FTP... > however.. it still gets blocked....sort of... > I noticed most FTP sites were unreadable... but others were ok > anyway... > Can someone point to the right area of the squid.conf to help me out...? > I noticed I had to enable the "http_access allow all" to get surfing > going.... > but is there something similar for FTP... > or.. if ipchains blocks ftp... then the user is out of luck? > > thanks > Mike > > -- > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Fri Jan 26 2001 - 16:39:02 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:36 MST