Re: [squid-users] Squid 2.7: Request from LAN UNABLE to FORWARD or CONNECTION REFUSED or ACCESS DENIED

From: Chris Robertson <crobertson_at_gci.net>
Date: Thu, 03 Sep 2009 11:39:27 -0800

Ricardo A wrote:
> Dear Chris and Henrik,
> I'm sorry, but now cannot access webpages from outside...
> Yes I can from LAN...
>
> I repeat that is a debian Lenny webserver-fileserver-firewall (iptables-Squid 2.7-Samba 3-Apache 2, all in the same machine).
>
> The setting:
>
> Squid 2.7
>
> http_port 192.168.000.1:3128 transparent
> http_port 80 accel defaultsite=mysite.com vhost
>

As I stated in my first email, this line should be...

http_port 192.168.0.1:80 accel defaultsite=mysite.com vhost

...because just using the port tells Squid to bind to all interfaces.
You need to limit it to the public interface so Apache can bind to the
loopback.

> cache_peer 127.0.0.1 parent 80 0 no-query originserver name=Ricardo
> cache_peer_access Ricardo mysite.com allow MyWeb
> cache_peer_access Ricardo mysite.com deny all
>
> Where the acl "MyWeb" is:
> acl myweb dstdomain mysite.com mysite1.com mysite2.com.ar
>
> (The sites are all on the same Apache, Virtual directory)
>
> Iptables:
>
> $IPTABLES -A tcp_packets -p TCP -s 0/0 -dport 80 -j allowed
>
> $IPTABLES -t nat -A PREROUTING -i $LAN_IFACE -s $LAN_IP_RANGE -d ! $LAN_IP_RANGE -p tcp -dport 80 -j REDIRECT -to-ports 3128
>
> Apache 2:
>
> port.conf
>
> LISTEN 127.0.0.1:80
> ------------
> With these settings, Apache 2 again warn:
>
> apache2(98)Address already in use: make_sock: could not bind to address [::]:80
> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
> no listening sockets available, shutting down
> Unable to open logs
>
> Thanks in advance...
> Ricardo
>

Chris
Received on Thu Sep 03 2009 - 19:39:46 MDT
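
The bind conflict discussed in this message can be checked before restarting either daemon. The script below is an added example, not part of the original thread or of Squid or Apache: it compares Squid `http_port` lines against Apache `Listen` lines and reports pairs that cannot both bind. The sample configs are constructed from the settings quoted above; the function names are hypothetical, only IP literals are handled, and a wildcard is treated as covering both address families.

```python
import ipaddress

# Constructed samples modelled on the settings quoted in the thread.
SQUID_CONF = "http_port 192.168.0.1:3128 transparent\nhttp_port 80 accel defaultsite=mysite.com vhost\n"
SQUID_CONF_SCOPED = "http_port 192.168.0.1:3128 transparent\nhttp_port 192.168.0.1:80 accel defaultsite=mysite.com vhost\n"
APACHE_PORTS_CONF = "Listen 127.0.0.1:80\n"


def parse_listeners(text, directive):
    """Return (address, port) per `directive` line; address None means all interfaces."""
    listeners = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) < 2 or parts[0].lower() != directive.lower():
            continue
        host, _, port = parts[1].rpartition(":")   # "80" -> host "", port "80"
        host = host.strip("[]")                    # "[::]" -> "::"
        addr = None if host in ("", "*") else ipaddress.ip_address(host)
        if addr is not None and addr.is_unspecified:  # 0.0.0.0 or ::
            addr = None
        listeners.append((addr, int(port)))
    return listeners


def conflicts(a, b):
    """Same port, and either side is a wildcard or both use the same address."""
    (addr_a, port_a), (addr_b, port_b) = a, b
    return port_a == port_b and (addr_a is None or addr_b is None or addr_a == addr_b)


def find_conflicts(squid_text, apache_text):
    squid = parse_listeners(squid_text, "http_port")
    apache = parse_listeners(apache_text, "Listen")
    return [(s, a) for s in squid for a in apache if conflicts(s, a)]


if __name__ == "__main__":
    for label, conf in (("port only", SQUID_CONF), ("address:port", SQUID_CONF_SCOPED)):
        hits = find_conflicts(conf, APACHE_PORTS_CONF)
        print(label, "->", hits or "no bind conflict")
```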
