Joffrey FLEURICE
2006-Oct-13 07:08 UTC
Re: Tc rules Help with multiISP + squid& squidguard...
In policy $FW Net ACCEPT Dump.rar join THX -----Message d''origine----- De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep Envoyé : jeudi 12 octobre 2006 21:22 À : Shorewall Users Objet : Re: [Shorewall-users] Tc rules Help with multiISP + squid& squidguard... Joffrey FLEURICE wrote:> > > All works, but no surf with squid, if I disable REDIRECT and squid all > work perfectly.I don''t see any fw->net ACCEPT rule for TCP port 80. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Joffrey FLEURICE wrote:> In policy > > $FW Net ACCEPTThen what is the point of all of the $FW->Net ACCEPT rules???? If you a) Have the correct REDIRECT rule (which you do); and b) Are accepting $FW->Net HTTP traffic (which you are -- at least with your policy); and c) DNS works from your firewall (I assume it does since you are wide open from $FW->Net); then The problem is in your Squid configuration (this is true in %90 of the reports on this list where Squid doesn''t work; the other %10 fail to allow either HTTP or DNS from the firewall). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Apparently Analagous Threads
- Re: Tc rules Help with multiISP + squid& squidguard...
- Re: Tc rules Helpwith multiISP+ squid& squidguard...
- Re: Tc rules Help with multiISP + squid& squidguard...
- Re: Tc rules Help with multiISP+ squid& squidguard...
- Re: Tc rules Help with multiISP+ squid& squidguard...