Mailinglist Archive: opensuse-security (78 mails)
| < Previous | Next > |
problem with susefirewall2 and squid
- From: Walter Pabon Guerra <walterpg@xxxxxxxxx>
- Date: Thu, 26 Jan 2006 10:35:29 -0500
- Message-id: <22ef5ea70601260735u58583f4dn97912a77c181e2@xxxxxxxxxxxxxx>
hi, i have a problem with susefirewall2, i can make ping to google
from internal network, but i cant open any site from firefox
i have a squid server but i can't establish connection between proxy
and firewall....the proxy runs and the susefirewall then, but in my
lan don't connect for proxy squid....
this are my lines....agane:
/* SuSEfirewall2 configuration file */
FW_DEV_EXT="eth-id-00:11:25:65:19:a8" #eth0
FW_DEV_INT="eth-id-00:11:95:e1:d0:a2" #eth1
#
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="192.168.0.0/24"
FW_FORWARD="172.19.1.101/16,192.168.0.1,tcp,80"
FW_MASQ_DEV="$FW_DEV_EXT"
#
FW_SERVICES_ACCEPT_EXT=""
#
FW_SERVICES_EXT_TCP="22"
#FW_SERVICES_EXT_IP=""
#
FW_SERVICES_INT_TCP="3128 80"
#FW_SERVICES_INT_IP=""
#
FW_PROTECT_FROM_INT="yes"
#
#FW_ALLOW_PING_INT="yes"
#
FW_REDIRECT="192.168.0.1/24,0/0,tcp,80,3128"
/* end SuSEfirewall2 configuration file */
and this is my squid server configuration:
/* squid configuration files */
GNU nano 1.3.8 Fichero: /etc/squid/squid.conf
http_port 3128
cache_dir ufs /usr/local/squid/cache 700 16 256
#
# Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 192.168.0.1/255.255.255.255
acl red-lan src 192.168.0.0/255.255.255.0
#
visible_hostname localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow localhost
http_access allow red-lan
#http_access deny all
/* end squid configuration files */
I will be waiting for suggestions !.....
thanks !
Atte.
<<_waltico_>>
Walter Pabon Guerra
"Don't worry, Be Linux..."
http://www.utpinux.org
http://waltico.utpinux.org
from internal network, but i cant open any site from firefox
i have a squid server but i can't establish connection between proxy
and firewall....the proxy runs and the susefirewall then, but in my
lan don't connect for proxy squid....
this are my lines....agane:
/* SuSEfirewall2 configuration file */
FW_DEV_EXT="eth-id-00:11:25:65:19:a8" #eth0
FW_DEV_INT="eth-id-00:11:95:e1:d0:a2" #eth1
#
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="192.168.0.0/24"
FW_FORWARD="172.19.1.101/16,192.168.0.1,tcp,80"
FW_MASQ_DEV="$FW_DEV_EXT"
#
FW_SERVICES_ACCEPT_EXT=""
#
FW_SERVICES_EXT_TCP="22"
#FW_SERVICES_EXT_IP=""
#
FW_SERVICES_INT_TCP="3128 80"
#FW_SERVICES_INT_IP=""
#
FW_PROTECT_FROM_INT="yes"
#
#FW_ALLOW_PING_INT="yes"
#
FW_REDIRECT="192.168.0.1/24,0/0,tcp,80,3128"
/* end SuSEfirewall2 configuration file */
and this is my squid server configuration:
/* squid configuration files */
GNU nano 1.3.8 Fichero: /etc/squid/squid.conf
http_port 3128
cache_dir ufs /usr/local/squid/cache 700 16 256
#
# Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 192.168.0.1/255.255.255.255
acl red-lan src 192.168.0.0/255.255.255.0
#
visible_hostname localhost
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
http_access allow localhost
http_access allow red-lan
#http_access deny all
/* end squid configuration files */
I will be waiting for suggestions !.....
thanks !
Atte.
<<_waltico_>>
Walter Pabon Guerra
"Don't worry, Be Linux..."
http://www.utpinux.org
http://waltico.utpinux.org
| < Previous | Next > |