Reid ha scritto:
These are the results of running the commands. Does it look like there is anything that could be
interfering with port 3128 connections?
--------------------------------------------------------------------
iptables-save
# Generated by iptables-save v1.2.11 on Thu Jun 28 15:32:38 2007
*nat
:PREROUTING ACCEPT [525278:45243592]
:POSTROUTING ACCEPT [420:38931]
:OUTPUT ACCEPT [420:38931]
COMMIT
# Completed on Thu Jun 28 15:32:38 2007
# Generated by iptables-save v1.2.11 on Thu Jun 28 15:32:38 2007
*mangle
:PREROUTING ACCEPT [702539:100216603]
:INPUT ACCEPT [211958:57721156]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [76059:28676083]
:POSTROUTING ACCEPT [76059:28676083]
COMMIT
# Completed on Thu Jun 28 15:32:38 2007
# Generated by iptables-save v1.2.11 on Thu Jun 28 15:32:38 2007
*filter
:INPUT ACCEPT [535723:156552090]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [177395:71003870]
COMMIT
# Completed on Thu Jun 28 15:32:38 2007
--------------------------------------------------------------------
iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
--------------------------------------------------------------------
iptables -n -L INPUT
Chain INPUT (policy ACCEPT)
target prot opt source destination
--------------------------------------------------------------------
telnet #.#.#.# 3128 [FROM CLIENT]
Could not open connection to host on port 3128. Connection failed
--------------------------------------------------------------------
tcpdump -n -i any port 3128
WARNING: Promiscuous mode not support on the "any" device
--------------------------------------------------------------------
Could you advise of how I can determine if there is some firewall running?
To check if there is a local firewall running:
iptables-save
To check if there is a firewall between the client and the Squid server:
run "tcpdump -n -i any port 3128" on the Squid server, then on a client
run "telnet ip.of.squid.server 3128".
Regards
Henrik
____________________________________________________________________________________
Be a PS3 game guru.
Get your game face on with the latest PS3 news and previews at Yahoo! Games.
http://videogames.yahoo.com/platform?platform=120121
It seems you firewall is totally "open", i.e. it doesn't have anything
that could interfere with any daemon.
That "Connection failed" message puzzles me: if I try to telnet a linux
host from another linux host to a port that I know for sure it's closed,
it tells me "Connectoin refused".
So either we are using different telnet clients (mine is run under
gentoo linux) or there is something very strange goning on...
Have you tried to make squid listen only on the 3128 port ?
Maybe you could start from there and then enable one other port at a time...
(just writing thoughts as they pop off my head :)
--
Marcello Romani
Responsabile IT
Ottotecnica s.r.l.
http://www.ottotecnica.com