[squid-users] Strange traffic to port 25?

From: Bill Moran <wmoran@dont-contact.us>
Date: Tue, 23 Mar 2004 10:04:06 -0500

I'm trying to finalize the setup of a new squid cache acting as a transparent
proxy. As we finish up testing and tweak the config, I'm suddenly finding a
lot of traffic getting TCP_DENIED to (what looks like) port 25.

Unfortunately, I don't have full access to the entire network in question, so
I can't be 100% sure that there isn't a router somewhere else that's
misconfigured, but I wanted to check in to see if maybe there's some squid-
related explanation for this traffic.

Has anyone seen this before? Am I right in my thinking that SMTP traffic
is (for some reason) trying to go through squid? Is there some other
explanation than saying a router somewhere is redirecting incorrectly?

The funny thing about the whole situation is that mail is working fine in
spite of it. You'd think people would be having trouble with email.

Here's an example log entry:
1080054163.917 3 <ip munged> TCP_DENIED/403 1346 CONNECT <ip munged>:25 - NONE/- text/html

The ":25" means that's the destination port, correct?

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
Received on Tue Mar 23 2004 - 08:04:11 MST
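
An added example, not part of the original post: in Squid's native access.log format the seventh field of a CONNECT entry is the requested host:port, so the entries of the kind quoted above can be grouped by client to see which machines are issuing them. The sample lines, addresses and function names below are constructed for illustration.

```python
from collections import Counter

# Constructed sample lines in Squid's native access.log format
# (documentation-range addresses, not taken from the original post).
SAMPLE_LOG = """\
1080054163.917      3 192.0.2.10 TCP_DENIED/403 1346 CONNECT 198.51.100.7:25 - NONE/- text/html
1080054164.102    210 192.0.2.11 TCP_MISS/200 5120 CONNECT 203.0.113.5:443 - DIRECT/203.0.113.5 -
1080054165.440      2 192.0.2.10 TCP_DENIED/403 1346 CONNECT 198.51.100.8:25 - NONE/- text/html
1080054166.009     95 192.0.2.12 TCP_MISS/200 8211 GET http://example.com/ - DIRECT/203.0.113.9 text/html
1080054167.300      1 192.0.2.13 TCP_DENIED/403 1346 CONNECT [2001:db8::1]:25 - NONE/- text/html
garbage line
"""


def parse_connect(line):
    """Return (client, host, port, result_code) for a CONNECT entry, else None."""
    f = line.split()
    # Native format: time elapsed client code/status bytes method URL ident peer type
    if len(f) < 10 or f[5] != "CONNECT":
        return None
    # rpartition keeps bracketed IPv6 literals intact; the port follows the last ':'
    host, sep, port = f[6].rpartition(":")
    if not sep or not port.isdigit():
        return None
    return f[2], host.strip("[]"), int(port), f[3].split("/")[0]


def smtp_connects(log_text, port=25):
    """Count CONNECT attempts to `port` per (client, Squid result code)."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_connect(line)
        if rec and rec[2] == port:
            counts[(rec[0], rec[3])] += 1
    return counts


if __name__ == "__main__":
    for (client, code), n in sorted(smtp_connects(SAMPLE_LOG).items()):
        print(f"{client} {code} CONNECT to port 25 x{n}")
```

Any count whose result code is not TCP_DENIED means the proxy tunnelled a connection to a mail port and the CONNECT access rules should be checked.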
