Ricardo A wrote:
Dear Chris and Henrik,
I'm sorry, but now cannot access webpages from outside...
Yes I can from LAN...
I repeat that is a debian Lenny webserver-fileserver-firewall (iptables-Squid 2.7-Samba 3-Apache 2, all in the same machine).
The setting:
Squid 2.7
http_port 192.168.000.1:3128 transparent
http_port 80 accel defaultsite=mysite.com vhost
As I stated in my first email, this line should be...
http_port 192.168.0.1:80 accel defaultsite=mysite.com vhost
...because just using the port tells Squid to bind to all interfaces.
You need to limit it to the public interface so Apache can bind to the
loopback.
cache_peer 127.0.0.1 parent 80 0 no-query originserver name=Ricardo
cache_peer_access Ricardo mysite.com allow MyWeb
cache_peer_access Ricardo mysite.com deny all
Where the acl "MyWeb" is:> acl myweb dstdomain mysite.com mysite1.com mysite2.com.ar
(The sites are all on the same Apache, Virtual directory)
Iptables:
$IPTABLES -A tcp_packets -p TCP -s 0/0 -dport 80 -j allowed
$IPTABLES -t nat -A PREROUTING -i $LAN_IFACE -s $LAN_IP_RANGE -d ! $LAN_IP_RANGE -p tcp -dport 80 -j REDIRECT> -to-ports 3128
Apache 2:
port.conf
LISTEN 127.0.0.1:80
------------
With these settings, Apache 2 again warn:
apache2(98)Address already in use: make_sock: could not> bind to address [::]:80> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80> no listening sockets available, shutting down> Unable to open logs
Thanks in advance...
Ricardo
Chris
