Thanks, Christoph.
It is ok if I just use the localhost. It is just like the port is
invisble if I am using another
machine, is it possible to have some router rules that filtered the things out?
I have name service and ssh server on the machine too, both of them are ok.
and scan the address outside the subnet with nmap will have another closed port
7 closed echo
if you trying to
telnet PROXY_ADDR ANY_PORT_BESIDES_THOSE_THREE
it just will continuely (not refused) trying just like the packets are
swallowed by some thing..
Cheers,
Deephay
On 5/18/06, Christoph Haas <email@christoph-haas.de> wrote:
> On Thu, May 18, 2006 at 05:47:26PM +0800, Deephay wrote:
> > I am currently configuring a proxy server in order I can browsing
> > web through that,
> > but after I configured the proxy, it can only be accessed by the
> > localhost (correctly).
> >
> > telnet PROXY 44 will just continuely tring
> >
> > nmap -p 44 proxy returns back:
> > 44/tcp filtered xxxxx
> >
> > and here's a part of my configuration file
> > http_port 44
>
> A rather unusual port.
>
> > # Only allow cachemgr access from localhost
> > http_access allow manager localhost
> > http_access deny manager
> > # Only allow purge requests from localhost
> > http_access allow purge localhost
> > http_access deny purge
> > # Deny requests to unknown ports
> > http_access deny !Safe_ports
> > # Deny CONNECT to other than SSL ports
> > http_access deny CONNECT !SSL_ports
> > ...
> > ...
> > http_access allow all
>
> That should actually do it. What is the error message that you get?
>
> Additionally set 'debug_options ALL,1 33,2' in your squid.conf and run
> 'squid -k reconfig'. The cache.log should then tell you why an access is
> denied.
>
> Kindly
> Christoph
> --
> Please reply to the list - not to me personally. Personal replies are ignored.
>
Received on Thu May 18 2006 - 05:25:35 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT