Re: [squid-users] Odd port behavior from squid from Henrik Nordstrom on 2007-05-05 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Sat, 05 May 2007 11:35:22 +0200

fre 2007-05-04 klockan 12:11 -0500 skrev Pat Riehecky:

> [44165032.820000] Dropped default (OUTPUT): IN= OUT=eth0
> SRC=MY.PROXY.IP.ADDRESS DST=SOME.RANDOM.IP.ADDR LEN=40 TOS=0x00
> PREC=0x00 TTL=64 ID=41807 DF PROTO=TCP SPT=3128 DPT=2660 WINDOW=7140
> RES=0x00 ACK PSH FIN URGP=0

For some reason SOME.RANDOM.IP.ADDR has been allowed to contact your
Squid on port 3128, but the response is not allowed out.

Make sure your iptables ruleset only allows trusted clients to connect
to your Squid port (INPUT ruleset).

Regards
Henrik

application/pgp-signature attachment: Detta är en digitalt signerad meddelandedel

Received on Sat May 05 2007 - 03:35:30 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT