Yeah I know what you mean. I found this problem after having a related
problem with a client's FileMaker Pro database on the web -- which uses an IANA
registered port number of 591 -- it kept refusing access to users on the other
side of Squid proxies, and in particular Squids that had been upgraded recently.
The problem is that the new version specifies which ports *will* have access,
rather than specifying which ones won't, and the list includes only things like
FTP, Telnet, Gopher, etc. and then anything from 1035 to
65-thousand-and-something (can't remember what). Now that means that if someone
is using a port number below 1035 and that has not been specified in it's config
then you will get access denial reports on your log. It also means that Squid
will take longer to resolve these because it is having to check'em all.
There's not much you can do about it rather than sending a message to the Squid
requests, like I did, to include more port numbers that are registered with
IANA.
You will also be getting users on the receiving end of these warnings/errors
who will be frustrated and will probably blame you. They will be trying to
access databases and things, perhaps using CGI's or even SSL's, but Squid won't
let'em past (which is a real bummer of a way to end your on-line shopping
spree ;-)
Alan
On Tue, 21 Mar 2000, Juha Saarinen wrote regarding Squid weirdness:
> Trying to figure out why Web browsing was slower going through Squid rather
> than directly to the 'Net, I looked in cache.log and found lots of these
> messages:
>
> 2000/03/21 22:54:48| comm_udp_sendto: FD 1, 255.255.255.255, port 53: (13)
> Permission denied
> 2000/03/21 22:54:48| idnsSendQuery: FD 1: sendto: (13) Permission denied
>
> I've grepped for both comm_udp_sendto and idnsSendQuery on my system, but
> apart from Squid's cache.log and the Squid binary, there's no mention of
> these anywhere else.
>
> Anybody seen this before?
>
> Regards,
>
> -- Juha
>
> ________________________________
>
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
***************************************************
AlphaByte
PO Box 1941
Auckland
New Zealand
http://www.alphabyte.co.nz
___________________________________________________
Specialising in:
Graphic Design, Education and Training,
Technical Documentation, Consulting.
***************************************************
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
