[Cialug] Squid/IPTables help

L. V. Lammert lvl at omnitec.net
Thu Mar 3 09:45:18 CST 2011


On Thu, 3 Mar 2011, albus wrote:

> Have you made sure you opened the firewall for the squid port? It's usually
> 3128 unless you've changed it.
>
Normal traffic is OK; it turns out the problem was an issue in the configs
that we had as backups. The iptables script was pointing ssl traffic
*through* squid, something I would not expect; after recompiling squid for
ssl with no success, I had a reply from a chap in MI that confirmed what I
thought - ssl traffic should not be handled by squid as ssl will interpret
that as a 'man-in-the-middle' attack.

It appears that the backup copy I had was not the final version, as taking
that redirect line out of the iptables script fixed the problem.

	Lee
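
The check below is an added example, not part of the original message or Lee's script: it reads `iptables-save` output and flags nat REDIRECT rules that send port 443 traffic to the proxy port, the kind of rule the message describes removing. The function names, the `eth1` interface and the sample ruleset are constructed for illustration; the redirect line from the original script is not shown on the page.

```shell
#!/bin/sh
# Added example. Reads iptables-save output on stdin and prints every nat
# REDIRECT rule that would push port-443 (TLS) traffic into a local proxy.
# The proxy port defaults to 3128, the usual Squid port named in the thread.
# Port ranges (e.g. 400:500) are not expanded; only 443 listed literally.
find_tls_redirects() {
    proxy_port="${1:-3128}"
    awk -v pp="$proxy_port" '
        /^\*/ { table = substr($1, 2) }        # "*nat", "*filter", ...
        table != "nat" || $1 != "-A" { next }  # only appended nat rules
        {
            target = ""; dports = ""; toports = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-j") target = $(i + 1)
                if ($i == "--dport" || $i == "--dports") dports = $(i + 1)
                if ($i == "--to-ports") toports = $(i + 1)
            }
            if (target != "REDIRECT" || toports != pp) next
            n = split(dports, p, ",")          # multiport lists: 80,443
            for (k = 1; k <= n; k++)
                if (p[k] == "443") { print; next }
        }
    '
}

# Constructed sample ruleset (not taken from the original post).
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth1 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3128
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

# Prints the one offending rule from the sample.
sample_rules | find_tls_redirects 3128
```

On a live host the same function can be fed with `iptables-save | find_tls_redirects 3128`, or pointed at a backup copy of the rules before it is restored.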

