LINUX.IE, website of the Irish Linux Users' Group
[ILUG] either transparent proxy or iptables problem.

Darragh lists at digitaldarragh.com
Fri Jan 4 20:48:15 GMT 2008


I've been messing with this since my original message.

I set up squid guard and after getting rid of the initial configuration
problems, it finally gives me a status of ready to serve in its logs.

I've downloaded a reasonably decent blacklist and it's recognising it;
however, when I test squid, it's still not blocking anything.

I wanted to test it to make sure that there wasn't something wrong with
squid's logging and it was definitely not working correctly but it definitely
seems like squid just is not getting any traffic.

Any ideas?

On Fri, January 4, 2008 6:24 pm, Darragh wrote:
> Hello,
>
> Oh it's been an interesting few hours.
>
> First, since last night, I've been unable to access the server, mainly
> because I am using a headless machine so I only access it via ssh and
> something went wrong with the iptables and all access on any port was
> completely blocked.  To my delight though, this was fixed with a reboot
> and a purge of the iptables rules.
>
> So, at the moment, everything seems to be running reasonably well as far
> as routing goes.  A simple traceroute shows that connections are going
> through the server, to the router out to the internet.
>
> This iptables stuff is particularly difficult to read!  I'd really love to
> find a way of displaying this tabular stuff in just straightforward
> format.  Either that, or in some kind of format that I can export to html.
> Me and tables that are only formatted using spaces just don't mix at all.
> I really have no idea how blind people use the linux CLI all the time.
> Ok.  Rant over.
>
> So... my problem:
> I have squid set up and I have got past a few problems that cropped up due
> to a few changes between this version and the older one.  Hmmm.  So much
> for backward compatibility!  The error messages were as useful as an
> ashtray on a motorbike!
>
> I've tested the route with squid running and all is still flowing
> properly.
>
> When I run squid though, in the logs, I see a line that says that port
> 3128 is in use.  Here is the error:
> squid[16079]: commBind: Cannot bind socket FD 13 to *:3128: (98) Address already in use
>
> When I use netstat, I see:
> tcp        0      0 0.0.0.0:3128            0.0.0.0:*               LISTEN
>
> Now... I could be barking up the wrong tree completely, but this is the
> only reason that I can see why squid may not be handling requests.
>
> nmap shows the following:
> 3128/tcp open  squid-http
>
> Here are my iptables rules.   I think it should be sending traffic to 3128
> but it's kind of difficult to tell for sure at the moment.
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:22
> ACCEPT     icmp --  192.168.2.25         anywhere
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> ACCEPT     udp  --  anywhere             anywhere            udp spt:67 dpt:68
> ACCEPT     all  --  anywhere             anywhere
> DROP       tcp  --  anywhere             anywhere            tcp dpt:1214
> DROP       udp  --  anywhere             anywhere            udp dpt:1214
> LOG        tcp  --  anywhere             anywhere            tcp dpts:0:1023 state NEW LOG level warning prefix `LOW PORT TCP CONNECTION: '
> LOG        udp  --  anywhere             anywhere            state NEW udp dpts:0:1023 LOG level warning prefix `LOW PORT UDP CONNECTION: '
> LOG        tcp  --  anywhere             anywhere            state NEW tcp dpts:1024:65535 LOG level warning prefix `HIGH PORT UDP CONNECTION: '
> LOG        udp  --  anywhere             anywhere            state NEW udp dpts:1024:65535 LOG level warning prefix `HIGH PORT UDP CONNECTION:'
> LOG        tcp  --  anywhere             anywhere            tcp flags:!SYN,RST,ACK/SYN state NEW LOG level warning prefix `NEW NOT SYN: '
> LOG        icmp --  anywhere             anywhere            LOG level warning prefix `ECHO: '
> ACCEPT     udp  --  anywhere             anywhere            udp spt:123
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
>
>
> Thanks again.
>
>
>
> Darragh
>
> --
> Irish Linux Users' Group mailing list
> About this list : http://mail.linux.ie/mailman/listinfo/ilug
> Who we are : http://www.linux.ie/
> Where we are : http://www.linux.ie/map/
>
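
The listing quoted above has the shape of plain `iptables -L` output, which covers only the filter table; a redirect of web traffic to Squid on port 3128 would sit in the nat table's PREROUTING chain. As an added example (not part of the original message), this reads `iptables-save` text, renders each rule as one unaligned line, and reports whether such a redirect exists; the sample ruleset and the function names are constructed here.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the thread):
# two filter rules like those posted, and a nat table with no rules at all.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1214 -j DROP
COMMIT
"""

def parse_save(text):
    """Return one dict per rule: its table, its chain and its option words."""
    rules, table = [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):            # "*nat", "*filter": table header
            table = line[1:]
        elif line.startswith("-A "):        # "-A CHAIN ...": one appended rule
            words = shlex.split(line)       # keeps quoted log prefixes whole
            rules.append({"table": table, "chain": words[1], "opts": words[2:]})
    return rules

def describe(rule):
    """Render a rule as a single line with no column alignment."""
    return "table %s, chain %s: %s" % (
        rule["table"], rule["chain"], " ".join(rule["opts"]))

def redirects_to(rules, port):
    """nat PREROUTING rules that REDIRECT traffic to the given local port."""
    needle = "-j REDIRECT --to-ports %d " % port
    return [r for r in rules
            if r["table"] == "nat" and r["chain"] == "PREROUTING"
            and needle in " ".join(r["opts"]) + " "]

if __name__ == "__main__":
    parsed = parse_save(SAMPLE)
    for r in parsed:
        print(describe(r))
    print("redirect to 3128 present:", bool(redirects_to(parsed, 3128)))
```

On a live system the input would come from `iptables-save` run as root; an empty result from `redirects_to` means nothing in the ruleset hands forwarded web traffic to the proxy port.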






