[opensuse] Yet another Leap15.0 woe: upgrading 42.3 with squid installed as ftp proxy amongst others derails ftp proxy capability bein on Leap 15.0
This upgraded 42.3 system with a very simple squid-cache running on it, windows machines, configured to use this leap machine, can no longer download stuff via simple ftp url, e.g. via firefox when using this squid then being on leap 15.0 The never-ending troubles of nightmareish Suse upgrades. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2018-06-06 23:31, cagsm wrote:
This upgraded 42.3 system with a very simple squid-cache running on it, windows machines, configured to use this leap machine, can no longer download stuff via simple ftp url, e.g. via firefox when using this squid then being on leap 15.0
The never-ending troubles of nightmareish Suse upgrades.
The upgrade from 42.3 to 15.0 is a Major upgrade. You should not do the procedure on a production machine without testing in advance all the services you use and need. That's your job as system admin. -- Cheers / Saludos, Carlos E. R. (from 42.3 x86_64 "Malachite" at Telcontar)
cagsm wrote:
This upgraded 42.3 system with a very simple squid-cache running on it, windows machines, configured to use this leap machine, can no longer download stuff via simple ftp url, e.g. via firefox when using this squid then being on leap 15.0
You feed ftp requests through squid ? I guess it never occurred to me :-) Anyway, some more information would be useful, if you want help diagnosing the issue.
The never-ending troubles of nightmareish Suse upgrades.
Haven't had any of those here. -- Per Jessen, Zürich (17.8°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/07/2018 12:46 AM, Per Jessen wrote:
cagsm wrote:>> The never-ending troubles of nightmareish Suse upgrades. Haven't had any of those here.
Never forget you catch many more flies with honey that you do with salt... (and yes, I dread upgrades, which is why I don't do them, fresh installs and taking the time to move each config and validate the operation of each seems to be just about as quick in the long run... Even moving 42.3 to SSD, I did a fresh install and them moved my config over verbatim -- worked like a charm) -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Jun 7, 2018 at 7:46 AM, Per Jessen <per@computer.org> wrote:
You feed ftp requests through squid ? I guess it never occurred to me :-)
well have been using squid-cache for a very long time over the suse releases, for smallish lan networks and mainly windows clients. windows proxy settings offers to use proxy for http, https, ftp and socks even. never cared about socks. situation is: 42.3 upgraded to 15.0 some software vendor used on the lan, hands out some downloads via ftp. i clicked the download from a firefox webbrowser, on a windows now that leap 15 upgraded. the ftp download of multiple hundreds of megabytes, briefly started and managed to grab sometimes 1kbyte sometimes 18kbytes sometimes no kbytes at all showing only a stall in firefox download window. when i removed the proxy settings on windows, the firefox would connect directly. the leap 15 is also the nat router. 42.3 was simply with susefirewall2, leap 15 is with firewalld i guess. havent messed with any of it. so now i am unsure where the problem would be here, in squid cache, or some nat or firewall parts, or nat helpers for ftp? passsive mode pasv rings some bells from history inet times. but i had never problems when being on 42.3 before on those clients and in that network. also other stuff surfing via squid works just fine, http, https even with 15 ;) there are way too many bugs these days. will need to take a look into the squid access logs to find out a bit, but just dont have the time to deal with these endless things caused by suse upgrades, and to be honest, these are not rocket science changes or bugs or inventing top notch sate of the art stuff and being unfinished work. this has always been breakage on the simple side of things and unsound engineering or complete lack of quality control. i guess this is life. normal and standard proceedings everywhere on the planet. :( -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
cagsm wrote:
On Thu, Jun 7, 2018 at 7:46 AM, Per Jessen <per@computer.org> wrote:
You feed ftp requests through squid ? I guess it never occurred to me :-)
well have been using squid-cache for a very long time over the suse releases, for smallish lan networks and mainly windows clients.
We also run squid, just not for ftp. There is so little ftp traffic, I doubt if any effect would be measureable. Anyeway, irrelevant.
situation is: 42.3 upgraded to 15.0 some software vendor used on the lan, hands out some downloads via ftp. i clicked the download from a firefox webbrowser, on a windows now that leap 15 upgraded.
the ftp download of multiple hundreds of megabytes, briefly started and managed to grab sometimes 1kbyte sometimes 18kbytes sometimes no kbytes at all showing only a stall in firefox download window.
Okay. So ftp via squid (on leap15) is now slow tending towards not working. squid on leap42.3 was 3.5.21, squid on leap15 is 4.0.23. That appears to be a major jump, but I'm not really familiar with the squid release numbering.
when i removed the proxy settings on windows, the firefox would connect directly. the leap 15 is also the nat router. 42.3 was simply with susefirewall2, leap 15 is with firewalld i guess. havent messed with any of it.
A firewall problem is easily eliminated - stop the firewall, does that improve on the ftp download? I think leap15 comes with a susefirewall-to-firewalld migration script, did you go through that step?
so now i am unsure where the problem would be here, in squid cache, or some nat or firewall parts, or nat helpers for ftp? passsive mode pasv rings some bells from history inet times. but i had never problems when being on 42.3 before on those clients and in that network.
also other stuff surfing via squid works just fine, http, https even with 15 ;)
I think you need the ftp connection tracker module, check if it is loaded. If not, try loading it to see if that improves the situation. -- Per Jessen, Zürich (22.6°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/08/2018 12:56 PM, cagsm wrote:
the ftp download of multiple hundreds of megabytes, briefly started and managed to grab sometimes 1kbyte sometimes 18kbytes sometimes no kbytes at all showing only a stall in firefox download window.
I just went to ftp://ftp.fu-berlin.de/ and downloaded ls-lR, almost 1GB in total. The file downloaded at 6MB/s with about 15% CPU load on proxy. No problems. I'm using the default squid.conf.
so now i am unsure where the problem would be here, in squid cache, or some nat or firewall parts, or nat helpers for ftp? passsive mode pasv rings some bells from history inet times. but i had never problems when being on 42.3 before on those clients and in that network.
ftp_passive ON is default. You should probably don't touch that because firewalls and such. - Adam -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (5)
-
Adam Majer -
cagsm -
Carlos E. R. -
David C. Rankin -
Per Jessen