Fwd: Linux as router (Gateway Server)
navneetkc at gmail.com
Sun Feb 13 18:04:50 CET 2005
> > Feb 12 09:15:33 squid (squid): Cannot open HTTP Port
> that has nothing to do with iptables. my guess is that you are either:
> (a) telling squid to listen on a port that is already in use by another process
No, squid is listening on port 3128(not used by any process)
> (b) trying to start squid after it's already started
No, it's just started once.
> (c) running squid as an unprivileged user and trying to bind to a
> privileged port
No, it's being started by root.Afterward it's owned by squid
Is this stopping squid to access HTTP port?
Since, OUTPUT rule only allow user squid to access port 80 [Wild guess]
-A OUTPUT -o eth1 -p tcp -m tcp --sport 1024:65535 \ --dport 80
--tcp-flags SYN,RST,ACK SYN -m owner --uid-owner squid -j ACCEPT
> go read:
> (ps - google is your friend)
Always been our friend.
> > Why my iptables rule blocking squid to open HTTP port.
> it isn't.
I think some way this problem is related to iptables rule
Since, squid daemon won't die if i start it with no fireawall rule
(allowing everything to pass, no blocking/restrictions)
By the way, all my iptables rules were lifted or inspired by yours
reply to this mailing list[posted this month itself].
Thank you for your help & co-operation
> "It's not easy to juggle a pregnant wife and a troubled child, but
> somehow I managed to fit in eight hours of TV a day."
> --The Simpsons
More information about the netfilter