Hello Tom I too have the same problem
Squid-3.1.3 stable Kernel 2.6.18-194.3.1.el5 Centos 5.5 Cannot access ftp sites, getting this in my dmesg: conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 conntrack_ftp: partial 229 568375762+13 regards, Dawie Pretorius senior linux engineer I compiled squid 3.1.3 on a 2.6.27-kernel. There I have the same problems. I still cannot access the ftp-server (ftp://ftp.gnu.org) or ftp://ftp.novell.com. With the old one (3.0.Stable23), it's working. 2010/6/10 Tom Tux <[email protected]>: > I'm using kernel 2.6.32. I read, that there's a problem with Tproxy > and Kernel 2.6.32 (http://wiki.squid-cache.org/Features/Tproxy4). > Could this perhaps be the same problem? > > In the accesslog I have the following entry: > 1276164891.054 14880 xx.xx.xx.xx TCP_MISS/504 3865 GET > ftp://ftp.gnu.org/ user1 DIRECT/140.186.70.20 text/html > > Thanks. > Tom > > > 2010/6/10 Amos Jeffries <[email protected]>: >> Tom Tux wrote: >>> >>> Hi >>> With Squid 3.1.3, I'm not able to connect a ftp-site (ex. >>> ftp://ftp.gnu.org/). The squid-process tries to connect the ftp-server >> >> Error message generated by the failure please. >> >>> with a dynamic port (not tcp 21). This will be blocked through our >>> firewall: >>> tcp 0 1 squidproxy:37656 ftp.gnu.org:64789 SYN_SENT >>> 106 562158 6442/(squid) >>> >>> I have a analog configuration with squid 3.0.STABLE 23 and there it >>> works. The squid-process connect the remote-ftp-server with the normal >>> port tcp 21. >>> >>> What could be wrong here? >> >> I think that port you see is one of the DATA channels FTP protocol uses, >> separate to the control channel on port 21. >> >> Amos >> -- >> Please be using >> Current Stable Squid 2.7.STABLE9 or 3.1.4 >> > Note: Privileged/Confidential information may be contained in this message and may be subject to legal privilege. Access to this e-mail by anyone other than the intended is unauthorised. If you are not the intended recipient (or responsible for delivery of the message to such person), you may not use, copy, distribute or deliver to anyone this message (or any part of its contents ) or take any action in reliance on it. All reasonable precautions have been taken to ensure no viruses are present in this e-mail. As our company cannot accept responsibility for any loss or damage arising from the use of this e-mail or attachments we recommend that you subject these to your virus checking procedures prior to use. The views, opinions, conclusions and other information expressed in this electronic mail are not given or endorsed by the company unless otherwise indicated by an authorized representative independent of this message.
