[squid-users] squid and iptables

From: Emilio Casbas <[email protected]>
Date: Mon, 12 May 2003 12:55:30 +0200

Hi.

What I want to do is get an iptables setup that works with squid in the
same box (it is not a transparent proxy).

If squid is running and I start iptables afterwards, it works fine, but when
squid is stopped, iptables is started and then I start squid (RunCache or
squid -k reconfigure), I have a problem with the port of squid.

Squid is running well

bash-2.05a$ netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN

I started iptables and, OK, I can surf the web.
But then I stop squid and restart it, or run squid -k reconfigure:

bash-2.05a$ netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:1597 0.0.0.0:* LISTEN

Some of the iptables rules:
           $IPTABLES -A INPUT -i $EXTERNAL_INTERFACE -d $IPADDR -p tcp --dport {} -j ACCEPT
           $IPTABLES -A OUTPUT -o $EXTERNAL_INTERFACE -d $MYRED -p tcp --dport {} -j ACCEPT
where the dport is: 8080, 53, 22 ...

What's wrong?
Thanks!

Emilio.
----------

Received on Mon May 12 2003 - 02:56:24 MDT
