[sclug] Linux as router (Gateway Server)
Alex Butcher
lug at assursys.co.uk
Tue Feb 15 08:43:17 UTC 2005
On Tue, 15 Feb 2005, Navneet wrote:
>
>> Feb 12 09:15:33 squid (squid): Cannot open HTTP Port
>>
>> Why my iptables rule blocking squid to open HTTP port.
>
> [snip]
>
>> -A OUTPUT -o eth1 -p tcp -m tcp --sport 1024:65535 --dport 80
>> --tcp-flags SYN,RST,ACK SYN -m owner --uid-owner squid -j ACCEPT
>> -A OUTPUT -o eth1 -p tcp -m tcp --sport 1024:65535 --dport 443
>> --tcp-flags SYN,RST,ACK SYN -m owner --uid-owner squid -j ACCEPT
>> -A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
>> COMMIT
>> # Completed on Thu Feb 10 20:02:43 2005
>
>>> Is squid being started as the 'squid' user, 'nobody', 'root' or something
>>> else?
>
> Squid being started as the "squid" user.
OK, you didn't tell us that originally.
> Didn't you notice, squid starts without any error when strict firewall rules
> where flushed.
I noticed, but I was wondering whether the rules I quoted above were what
is causing the problem.
> Navneet
Best Regards,
Alex.
--
Alex Butcher Brainbench MVP for Internet Security: www.brainbench.com
Bristol, UK Need reliable and secure network systems?
PGP/GnuPG ID:0x271fd950 <http://www.assursys.com/>
More information about the Sclug
mailing list