This is not a Squid problem. It is a broken firewall disliking the
standards track TCP extension ECN (RFC 3168, Proposed Standard,
September 2001).
Support for ECN is enabled by default in some Linux distributions. You
can disable it by running
echo 0 >/proc/sys/net/ipv4/tcp_ecn
Also take the time to complain to the operators of the sites you have
found, telling them that their firewall is broken and denies fully valid
traffic.
For more information about ECN see http://www.aciri.org/floyd/ecn.html
Regards
Henrik Nordström
Squid Hacker
Pedro Alte wrote:
>
> Hi all.
>
> I'm using squid on a linux box running RedHat 7.1 (squid 2.3something)
> and it works pretty well, except for some FTP sites.
>
> When I open a browser on a client (tryed with Konqueror and Internet
> Explorer 5), and type for example 'ftp.compaq.com' the browser hangs
> or I get a 'time out' message after a long time. Although, some ftp's
> are working quite well.
>
> I tryed to figure out what was the main difference between these FTP
> sites and the ones that work, and I guess I found it.
> The FTP sites which I can't browse through squid are Windows NT FTP
> Servers, like Compaq and NAI servers, while browsing unix FTP sites
> (like HP, CAI,...) everything works fine.
>
> Does anyone know why this is happenning? ...any solution...?
> Thanx in advance. Cheers.
>
> Pedro.
Received on Wed Nov 14 2001 - 11:19:59 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:12 MST