Vincent GAUVIN wrote:
> Hello all,
> I am running squid2.5.stable4 on a server (kernel 2.4.7.20. masquerade
> with iptables).
Looks like you're blocking your DNS requests, possibly more.
> As soon as one of my workstations tries a web request, I read this in my
> cache.log file:
>
> 2003/12/24 13:19:24| comm_udp_sendto: FD 4, 212.27.32.176, port 53: (1)
> Operation not permitted
Yep, Squid can't get to the DNS server; an output rule has stopped it dead.
> 2003/12/24 13:19:24| idnsSendQuery: FD 4: sendto: (1) Operation not
> permitted
>
> and obviously it does not work :-((
> Let me tell you that I have no local DNS running and that 212.27.32.175 is
> one of my ISP's DNS.
> If I stop running Squid everything is OK.
Forwarding rules are different from output and input rules in iptables. It
seems that you have forwarding working OK, but you need to work on the
output and input rules to allow Squid out of the firewall.
> Does someone have an idea to help me?
> Thanks
You need to think like this:
FORWARD - Works on your clients only
OUTPUT - Works on packets that originate from your firewall
INPUT - Works on packets that are destined for your firewall
See this link for a HOWTO that explains the basics for you:
http://www.netfilter.org/documentati...g-HOWTO-6.html
--
"You can bring any calculator you like to the midterm, as long as it
doesn't dim the lights when you turn it on."
-- Hepler, Systems Design 182
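
The chain split described in the reply above, as an added example that is not part of the original thread: a proxy running on the firewall sends its own DNS and HTTP traffic through OUTPUT and receives the replies through INPUT, so FORWARD rules never see it. The function name `squid_fw_rules`, the LAN range `192.168.0.0/24` and the use of Squid's default port 3128 are assumptions; the script also assumes the `state` match is available and that the existing policy drops what is not explicitly accepted.

```shell
#!/bin/sh
# Added example (not from the thread): OUTPUT/INPUT rules for a proxy that
# runs on the firewall host itself.
# Dry run by default: rules are printed for review.
# Set IPT=iptables (as root) to apply them.
IPT="${IPT:-echo iptables}"

# squid_fw_rules RESOLVER_IP LAN_CIDR [PROXY_PORT]   (hypothetical helper)
squid_fw_rules() {
    dns="$1"; lan="$2"; port="${3:-3128}"
    [ -n "$dns" ] && [ -n "$lan" ] || {
        echo "usage: squid_fw_rules RESOLVER_IP LAN_CIDR [PROXY_PORT]" >&2
        return 2
    }

    # OUTPUT: Squid's DNS queries originate on the firewall (UDP, TCP fallback).
    $IPT -A OUTPUT -p udp -d "$dns" --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -p tcp -d "$dns" --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    # INPUT: accept only replies from that resolver, never unsolicited packets.
    $IPT -A INPUT -p udp -s "$dns" --sport 53 -m state --state ESTABLISHED -j ACCEPT
    $IPT -A INPUT -p tcp -s "$dns" --sport 53 -m state --state ESTABLISHED -j ACCEPT

    # OUTPUT: Squid fetches pages itself, so HTTP also leaves via OUTPUT.
    $IPT -A OUTPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPT -A INPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

    # INPUT: LAN clients connect to the proxy port on the firewall.
    $IPT -A INPUT -p tcp -s "$lan" --dport "$port" -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -p tcp -d "$lan" --sport "$port" -m state --state ESTABLISHED -j ACCEPT
}

# Stand-alone use: ./script RESOLVER_IP LAN_CIDR [PROXY_PORT]
if [ "$#" -ge 2 ]; then
    squid_fw_rules "$@"
fi
```

Restricting the DNS rules to the resolver's address keeps the firewall from answering to or querying arbitrary hosts on port 53.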