s.squid-cache.org] On
> Behalf Of Walter H.
> Sent: Tuesday, July 18, 2017 15:29
> To: squid-users@lists.squid-cache.org
> Subject: [squid-users] Packets logged as blocked even Firewall (IPtables)
> accepts them ...
>
> Hello,
>
> my Router Box runs a CentOS 6, with the EPEL
Email: elie...@ngtech.co.il
-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf
Of Walter H.
Sent: Tuesday, July 18, 2017 15:29
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Packets logged as blocked even Firewall (IPtables)
a
Subject: [squid-users] Packets logged as blocked even Firewall (IPtables)
accepts them ...
Hello,
my Router Box runs a CentOS 6, with the EPEL squid34 RPM package
this the iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Allow multicast
-A INPUT -d 224.0.0.0/4 -j ACCE
On Wednesday 19 July 2017 at 10:40:36, Walter H. wrote:
> On Wed, July 19, 2017 11:31, Antony Stone wrote:
> > On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
> >> I added these rules, and will see which packets are caught
> >>
> >> -A INPUT -m state --state INVALID -j LOG --log-prefix "I
On Wed, July 19, 2017 11:31, Antony Stone wrote:
> On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
>
>> I added these rules, and will see which packets are caught
>>
>> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]:
>> "
>> --log-level 7
>> -A FORWARD -m state --sta
On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote:
> I added these rules, and will see which packets are caught
>
> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: "
> --log-level 7
> -A FORWARD -m state --state INVALID -j LOG --log-prefix "IP[FWD(invalid)]:
> " --log
On Wed, July 19, 2017 03:21, Amos Jeffries wrote:
> On 19/07/17 01:37, Walter H. wrote:
>> On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote:
>>> On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>>>
-A INPUT -i br0 -m tcp -p tcp --
On 19/07/17 01:37, Walter H. wrote:
On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote:
On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
-A INPUT -j LOG --log
On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote:
> On 18.07.17 14:29, Walter H. wrote:
>>-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
>
>>-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
>
>>-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
>
On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
[17-Jul-2017; 19:49:13.590130] IP[IN]: IN=br0 OUT=
MAC=24:01:
On Tuesday 18 July 2017 at 13:29:04, Walter H. wrote:
> Hello,
>
> my Router Box runs a CentOS 6, with the EPEL squid34 RPM package
>
> this the iptables
>
Does the output of "iptables -L -nvx" match the ruleset you've quoted here?
I'm just wondering whether the rules have got loaded properly
Hello,
my Router Box runs a CentOS 6, with the EPEL squid34 RPM package
this the iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Allow multicast
-A INPUT -d 224.0.0.0/4 -j ACCEPT
-A OUTPUT -d 224.0.0.0/4 -j ACCEPT
# Allow anything on the local link
-A INPUT -i lo -j
12 matches
Mail list logo
