Marco Salimu wrote: > Hello Tom > > First of all find attached shorewall dump output > second the ip address(es) is 10.4.13.87 and my public address is > 41.220.130.68. > > > New developments/Additional information: > When the i switch off squid/proxy server -- i can www.mydomain.com from > local. but when it is on i get the error message bellow > ************************************************************* > ERROR > The requested URL could not be retrieved > While trying to retrieve the URL: http://www.seda.or.tz/ > The following error was encountered: > * Connection to 41.220.130.68 Failed > The system returned: > (111) Connection refused > The remote host or network may be down. Please try the request again. > Your cache administrator is root. > Generated Sat, 10 Oct 2009 09:14:24 GMT by gate.seda.or.tz > (squid/2.6.STABLE21) > *********************************************************************** > > NOTE: > I have setup squid using "Shorewall_Squid_Usage" manual (squid is running > in Firewall/Shorewall machine)
There are no REDIRECT rules in the dump you sent. So I assume that the dump does not represent the configuration that fails? If that is the case, I suggest that when you re-add the REDIRECT rule, you re-add it as follows: REDIRECT loc 3128 tcp 80 - !41.220.130.68,10.4.13.87 That will allow HTTP requests to your DMZ's web server to bypass Squid (note that this approach is recommended in the "Shorewall_Squid_Usage" article). One other point -- you have installed Shorewall-perl but are apparently not using it. Any particular reason? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
