On 10/18/19 4:55 AM, Vieri Di Paola wrote: > Hi, > > First off, a transparent TProxy web proxy will only work on the same > machine (the shorewall firewall), right? > I cannot have a transparent Squid proxy (with TProxy) on another server, > right? > > In any case, I'm trying to work out why I cannot access > http://104.113.250.104/ from a LAN host with IP addr. 10.215.144.48. I > am getting a connection timeout. > > This is a shorewall dump while trying to access port 80 on host with > IP addr. 104.113.250.104: > https://drive.google.com/file/d/13Pr2OCgCInY6E72krCci9BiHrB1lrMce/view?usp=sharing > > According to the Squid log, the web proxy (Squid) is trying to open a > TCP connection to the remote server (104.113.250.104). TCP SYN is > sent, but there's no reply. > > On the other hand, a command line HTTP client running on the > Squid/Shorewall box itself can access http://104.113.250.104:80 just > fine. > > How can I tell if I've made a mistake in my shorewall configuration, > or if it's a Squid config issue instead? >
From the dump, it looks like you are trying to TPROXY HTTPS (port 443) -- that doesn't work. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
