Leonardo Carneiro wrote:
> you could bind squid to only listen the LAN interface. doind this, no
> one will be able to estabilish a external connection with squid.
I'll try that, but I thought my firewall rules were taking care of
that. They may not be though...I'm just recently learning iptables.
I'll post back with the results.
Thanks!
>
> Matthew Morgan escreveu:
>> I have squid set up as a transparent proxy. It has two interfaces:
>> eth0 (internet facing wan) and eth1 (local). I'm using iptables to
>> masquerade the packets from my local network on eth1 and redirect
>> them to squid's port. All this seems to work fine.
>>
>> The thing is, I keep seeing long periods of high incoming traffic on
>> eth0, but low outgoing traffic on eth0, and nearly no traffic on
>> eth1. Every time I see this, the data is always coming from either
>> llnw.net or msecn.net. Both of these are legitimate content delivery
>> networks. When I inspect the traffic I'm getting with
>> tcpdump/wireshark, none of the traffic from these domain is going
>> through to eth1 at all. I can confirm that this traffic is going to
>> squid, since a netstat -p shows squid as the program with the
>> connection open.
>>
>> What could be causing this? I tried turning off persistent
>> connections in case a client was making the connection and then
>> ignoring the data, but I'm not sure if that's possible or the
>> problem. I'm not a network expert.
>>
>
Received on Tue Sep 22 2009 - 15:58:28 MDT
This archive was generated by hypermail 2.2.0 : Wed Sep 23 2009 - 12:00:03 MDT