I'm actually running both squid and apt-cacher-ng. Squid uses apt-cacher-ng internally as a parent, only for deb packages to save bandwidth since apt-cacher handles that better than squid...and both do it transparently. Here is how it's supposed to work and was working earlier before I upgraded to Ubuntu Precise from Lucid.
web request outgoing on port 80 -> FW -> port 33128 (squid) -> Internet apt request outgoing on port 80 -> FW -> port 33128 (squid) -> port 33142 (apt) -> Internet note both squid and apt are running locally on the firewall machine, under the primary group proxy. Attaching compressed shore wall dump Thanks, Anshuman On 5 July 2012 03:08, Tom Eastep <teas...@shorewall.net> wrote: > On 7/4/12 11:50 AM, Tom Eastep wrote: >> On 7/4/12 11:35 AM, "Anshuman Aggarwal" <anshuman.aggar...@gmail.com> >> wrote: >> >>> I have allowed port 80 to all users and the redirect works. >>> >>> Problem is I have a apt-cacher-ng proxy process which is run as >>> apt-cacher-ng with group apt-cacher-ng which proxies the debian >>> packages and which I want to access port 80 directly. For this process >>> to be excluded, I made its primary group 'proxy' and changed the init >>> script so it launched the process with the group as 'proxy' . still >>> the redirect loop is happening for this apt-cacher-ng process >> >> >> Then you are doing something different than I'm doing (besides running >> apt-cacher-ng rather than Squid3). > > If you send us the output of 'shorewall dump' as a compressed > attachment, we'll take a look. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >
two.swdump.bz2
Description: BZip2 compressed data
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
