RE: [squid-users] Firewall problems

iptables -t nat -A PREROUTING -i eth0 -p tcp -dport http -j
REDIRECT --to-port 3128
When I remove this line from my firewall script all work fine.
and before when i have a public ip on the eth1 squid work correctly.

Thanks
Guy

> -----Original Message-----
> From: Jan Humme [mailto:jan.humme@xs4all.nl]
> Sent: Wednesday, August 21, 2002 5:15 PM
> To: De Leeuw Guy; squid-users@squid-cache.org
> Subject: Re: [squid-users] Firewall problems
>
>
> On Wednesday 21 August 2002 16:20, De Leeuw Guy wrote:
> > Hello all,
> >
> > I have a firewall configuration problem :
> > Before June if have a internet provider that give me an
> range adress like
> > 195.0.50.X,
> > from start of july I change my provider that give me only
> one IP adress.
> > I change my firewall configuration ( Linux + iptables).
> > But now squid doesn't work. Can you help me ?
>
> "Squid doesn't work"?
>
> Maybe you can be just a bit more specific, and tell us about
> the things that
> DO and the things that DON'T work?
>
> > Firewall :
> > internet -------eth1 eth0---- Private network
> >
> > eth0 : hostname WorldGate.eurofer.be IP 192.168.3.190
> > eth1 : hostname gwWorld.eurofer.be IP 10.10.10.2
> > Public IP 194.78.206.16
> >
> > iptables :
> > ==========
> > iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -j SNAT --to-source
> > 194.78.206.16
> > iptables -t nat -A PREROUTING -i eth0 -p tcp -dport http -j
> > REDIRECT --to-port 3128
>
> Did you "echo 1 >/proc/sys/net/ipv4/ip_forward" to enable the router?
>
> Use "cat /proc/sys/net/ipv4/ip_forward" to check.
>
> >
> > squid :
> > =======
> > cache-peer proxy.skynet.be parent 8080 3130 no-query
> > visible-host-name WorldGate.eurofer.be
> >
> > What is missing ?
> >
> > Thank in advance
> > Guy
>
> JH.
Received on Wed Aug 21 2002 - 09:21:31 MDT