> -----Original Message----- > From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of > Paul Collen > Sent: Friday, November 25, 2005 10:59 AM > To: netfilter@xxxxxxxxxxxxxxxxxxx > Subject: RE: Letting out port 80 traffic > > Hello, > > Yep, it's working now but I don't know how. As far as I can > see it's configured the same way it was when I started this > morning, but Squid isn't running so theoretically we > shouldn't have web access. I don't want to fiddle with it > anymore today (being POETS day) but I'm sure I'll break it > again on Monday. > > Thanks for your help with this problem. > > Cheers, > > Paul. > Since you are using Squid, your client users will attempt to use the proxy (8080?) rather than going out port 80 on the firewall until they forget about the proxy settings and request pages directly (IE is set to automatically discover proxy settings by default, while Firefox is set to connect directly by default). Since you opened port 80, your web clients now have an alternate path to the Internet. At least that is my best guess. =) Derick Anderson
