On 26.05.2017 17:49, Amos Jeffries wrote:
On 26/05/17 07:51, Mike wrote:Walter, what I've found is when compiling to squid 3.5.x and higher, the compile options change. Also remember that many of the options that were available with 3.1.x are depreciated and likely will not work with 3.4.x and higher.The other issue is that squid is only supposed to be handling HTTP and HTTPS traffic, not FTP. trying to use it as a FTP proxy will need a different configuration than the standard HTTP/Secure proxy.Well, to be correct Squid talks HTTP to the client software. It has log supported mapping FTP server URLs into HTTP.This second problem seems like the symptoms of <http://bugs.squid-cache.org/show_bug.cgi?id=4132> which was fixed years ago in the Squid-3.5.5 release. But that was apparently a regression not affecting 3.4 or 3.1. Hmm.
Strange, isn't it?
On 5/25/2017 14:07 PM, Walter H. wrote:On 25.05.2017 12:50, Amos Jeffries wrote:On 25/05/17 20:19, Walter H. wrote:Hellowhat is the essential difference between the default squid package and this squid34 package,as I have problems using this squid34 package for FTP connections; there are no shown icons, when going to e.g. ftp://ftp.adobe.com/when I tell the browser to show the image then I get this squid generated message ...the same config /etc/squid/squid.conf works with the default squid package ...<message>While trying to retrieve the URL: http://proxy.local:3128/squid-internal-static/icons/silk/folder.png <http://zbox-ci323.waldinet.local:3128/squid-internal-static/icons/silk/folder.png>Notice the port number in that URL...yes I see the squid port 3128when I do this with the default squid package, there I get the icons, and when I want to get the URL of such an icon, it shows e.g. ftp://ftp.adobe.com/squid-internal-static/icons/anthony-dir.gifwhat is running wrong here? is there a setting I can change without having to allow port 3128 traffic go through the proxy?(this is not really logic, as the default squid package also doesn't allow port 3128 traffic go through ...)Er, it is using the recommended default config we ship from upstream. Some Vendors like to install packages that are not usable without manual attention. Usually by commenting out the "http_access allow localnet" rule though, not marking registered HTTP ports as unsafe for use with HTTP.Anyhow: acl Safe_ports port 3128 acl port3128 port 3128 acl squid-internal urlpath_regex ^/squid-internal Then add this directly before the "deny manager" line:http_access deny port3128 !squid-internal
Many thanks, this shows the icons and doesn't allow port 3128 go through ... exactly as I wanted Walter
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
