l: elie...@ngtech.co.il
-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf
Of Walter H.
Sent: Tuesday, July 18, 2017 15:29
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Packets logged as blocked even Firewall (IPtables)
acce
ct: [squid-users] Packets logged as blocked even Firewall (IPtables)
accepts them ...
Hello,
my Router Box runs a CentOS 6, with the EPEL squid34 RPM package
this the iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Allow multicast
-A INPUT -d 224.0.0.0/4 -j ACCEPT
-A
On Wednesday 19 July 2017 at 10:40:36, Walter H. wrote:
> On Wed, July 19, 2017 11:31, Antony Stone wrote:
> > On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
> >> I added these rules, and will see which packets are caught
> >>
> >> -A INPUT -m state --state INVALID -j LOG --log-prefix
On Wed, July 19, 2017 11:31, Antony Stone wrote:
> On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
>
>> I added these rules, and will see which packets are caught
>>
>> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]:
>> "
>> --log-level 7
>> -A FORWARD -m state
On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
> I added these rules, and will see which packets are caught
>
> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: "
> --log-level 7
> -A FORWARD -m state --state INVALID -j LOG --log-prefix "IP[FWD(invalid)]:
> "
On Wed, July 19, 2017 03:21, Amos Jeffries wrote:
> On 19/07/17 01:37, Walter H. wrote:
>> On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote:
>>> On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>>>
-A INPUT -i br0 -m tcp -p tcp
On 19/07/17 01:37, Walter H. wrote:
On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote:
On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
-A INPUT -j LOG
On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote:
> On 18.07.17 14:29, Walter H. wrote:
>>-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>
>>-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
>
>>-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
[17-Jul-2017; 19:49:13.590130] IP[IN]: IN=br0 OUT=
On Tuesday 18 July 2017 at 13:29:04, Walter H. wrote:
> Hello,
>
> my Router Box runs a CentOS 6, with the EPEL squid34 RPM package
>
> this the iptables
>
Does the output of "iptables -L -nvx" match the ruleset you've quoted here?
I'm just wondering whether the rules have got loaded
Hello,
my Router Box runs a CentOS 6, with the EPEL squid34 RPM package
this the iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Allow multicast
-A INPUT -d 224.0.0.0/4 -j ACCEPT
-A OUTPUT -d 224.0.0.0/4 -j ACCEPT
# Allow anything on the local link
-A INPUT -i lo
11 matches
Mail list logo
