From: Navneet Choudhary <navneetkc@gmail.com>
To: Jason Opperisano <opie@817west.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Fwd: Linux as router (Gateway Server)
Date: Sun, 13 Feb 2005 22:34:50 +0530 [thread overview]
Message-ID: <1dceb01205021309043b1bb1e8@mail.gmail.com> (raw)
In-Reply-To: <1108216901.4462.27.camel@hubcap.ljm.dom>
> > Feb 12 09:15:33 squid (squid): Cannot open HTTP Port
>
> that has nothing to do with iptables. my guess is that you are either:
>
> (a) telling squid to listen on a port that is already in use by another process
No, squid is listening on port 3128(not used by any process)
> (b) trying to start squid after it's already started
No, it's just started once.
> (c) running squid as an unprivileged user and trying to bind to a
> privileged port
No, it's being started by root.Afterward it's owned by squid
Is this stopping squid to access HTTP port?
Since, OUTPUT rule only allow user squid to access port 80 [Wild guess]
-A OUTPUT -o eth1 -p tcp -m tcp --sport 1024:65535 \ --dport 80
--tcp-flags SYN,RST,ACK SYN -m owner --uid-owner squid -j ACCEPT
> go read:
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.23
>
> (ps - google is your friend)
Always been our friend.
> > Why my iptables rule blocking squid to open HTTP port.
>
> it isn't.
I think some way this problem is related to iptables rule
Since, squid daemon won't die if i start it with no fireawall rule
(allowing everything to pass, no blocking/restrictions)
> -j
By the way, all my iptables rules were lifted or inspired by yours
reply to this mailing list[posted this month itself].
Thank you for your help & co-operation
regards,
Navneet
> --
> "It's not easy to juggle a pregnant wife and a troubled child, but
> somehow I managed to fit in eight hours of TV a day."
> --The Simpsons
>
>
next prev parent reply other threads:[~2005-02-13 17:04 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1dceb012050211233357e23dd4@mail.gmail.com>
2005-02-12 7:48 ` Fwd: Linux as router (Gateway Server) Navneet Choudhary
2005-02-12 8:15 ` Askar
2005-02-13 16:06 ` Navneet Choudhary
2005-02-12 14:01 ` Fwd: " Jason Opperisano
2005-02-12 22:02 ` Josh Nerius
2005-02-13 2:13 ` Georgi Alexandrov
2005-02-13 2:33 ` Josh Nerius
2005-02-13 11:55 ` Georgi Alexandrov
2005-02-13 17:34 ` Navneet Choudhary
2005-02-13 17:26 ` Navneet Choudhary
[not found] ` <420F4010.7050609@hotpop.com>
2005-02-13 21:38 ` Josh Nerius
2005-02-14 22:15 ` Jason Opperisano
2005-02-15 2:32 ` Josh Nerius
2005-02-13 17:21 ` Navneet Choudhary
2005-02-13 17:19 ` Navneet Choudhary
2005-02-13 17:04 ` Navneet Choudhary [this message]
2005-02-13 17:24 Gary W. Smith
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1dceb01205021309043b1bb1e8@mail.gmail.com \
--to=navneetkc@gmail.com \
--cc=netfilter@lists.netfilter.org \
--cc=opie@817west.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.