Dear Sir Amos
I had reconfigured Squid 3.5 and it works fine. but i want to protect WAN interface through IPTABLESFor Example:
-A INPUT -j LOG
-A INPUT -j DROP
Then allow
-A INPUT-i eth1 -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
but its block traffic. Can you please help me what allow rule will works for Squid 3.5 when i secure my WAN.-A INPUT-i eth1 -j ACCEPT
-A FORWARD -i eth1 -j ACCEPT
On Fri, Apr 14, 2017 at 4:28 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 13/04/2017 11:46 p.m., Arsalan Hussain wrote:
> Dear All,
>
> I am facing problem with iptable rules for squid 3.5.23. my simple squid
> configuration is attached and also iptable rules.
>
> It works fine when i restart squid, iptables, network services but after a
> while it give problem of slow speed or even rejecting packets in squid
> access.log
Your squid.conf first line says that Browsers are configured to use the
proxy. That means iptables doing NAT is not relevant.
You also have a mix of a many very different and half-setup proxying
configurations in your configs.
First get that sorted out. Telling us what do you actually want the
traffic to be doing might be a good start.
What is going wrong is clear, but "I am facing a problem" does not tell
what we should advise to fix that and in this case your config is so
mixed its not easy to even make a good guess.
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
--
With Regards,
Arsalan Hussain
Assistant Director, Networks & Information System
PRESTON UNIVERSITY
Add: Plot: 85, Street No: 3, Sector H-8/1, Islamabad, Pakistan
Cell: +92-322-5018611
UAN: (51) 111-707-808 (Ext: 443)
If you are too lazy to plow now, don't expect a harvest, later
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
