From: Josh Nerius <jnerius@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: Fwd: Linux as router (Gateway Server)
Date: Sun, 13 Feb 2005 15:38:55 -0600 [thread overview]
Message-ID: <4f3930a705021313382ed454fe@mail.gmail.com> (raw)
In-Reply-To: <420F4010.7050609@hotpop.com>
> hola Josh,
>
> I did a quick test:
> DROP policy on the INPUT chain, and flushed all the rules (as a result i
> couldn't even ping myself)
> squid: standart debian/unstable package - unprivilleged user, port 3128.
> the result: squid is able to bind to his port fine, with DROP policy on
> the INPUT chain and no rules at all.
>
> regards,
> Georgi Alexandrov
George,
As Navneet pointed out, he using a redirector (squidguard). This is
exactly what I suspected, and exactly what I explained. The reasons
you had the results you did, is because your setup is *not*
duplicating that of Navneets or the situation I described.
I find it amusing, but irritating, that you seem to be trying to prove
what I have said wrong when you do not have an understanding of the
problem, or the information I provided.
------------------------------
Navneet,
I had the same issue you are experiencing while using SquidGuard some
time back. The resolution was playing with accepting traffic from and
to 127.0.0.1. I honestly don't remember the exact rules as it was some
time ago I dealt with this issue, but a minor amount of
experimentation should prove to solve the issue. I'm currently digging
through old configs etc and will let you know if/when I find the exact
rules I put in place to resolve the issue.
I hope everything works out for you.
--
Math problems? Call 1-800-[(10x)(13i)^2]-[sin(xy)/2.362x]
next prev parent reply other threads:[~2005-02-13 21:38 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1dceb012050211233357e23dd4@mail.gmail.com>
2005-02-12 7:48 ` Fwd: Linux as router (Gateway Server) Navneet Choudhary
2005-02-12 8:15 ` Askar
2005-02-13 16:06 ` Navneet Choudhary
2005-02-12 14:01 ` Fwd: " Jason Opperisano
2005-02-12 22:02 ` Josh Nerius
2005-02-13 2:13 ` Georgi Alexandrov
2005-02-13 2:33 ` Josh Nerius
2005-02-13 11:55 ` Georgi Alexandrov
2005-02-13 17:34 ` Navneet Choudhary
2005-02-13 17:26 ` Navneet Choudhary
[not found] ` <420F4010.7050609@hotpop.com>
2005-02-13 21:38 ` Josh Nerius [this message]
2005-02-14 22:15 ` Jason Opperisano
2005-02-15 2:32 ` Josh Nerius
2005-02-13 17:21 ` Navneet Choudhary
2005-02-13 17:19 ` Navneet Choudhary
2005-02-13 17:04 ` Navneet Choudhary
2005-02-13 17:24 Gary W. Smith
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4f3930a705021313382ed454fe@mail.gmail.com \
--to=jnerius@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.