squid and apache2 problems

fdelval · 11-11-2010, 11:46 AM

Hello

I have a server running both apache2 (default port) and squid (3128 port)

I set an squid ACL so my LAN 192.168.1.0 gets filtered.

ok all works fine except for external web petitions. When i try to access my web server from the outside, using my public ip, i get a SQUID DENIED.

i guess that is because in squid ACL's there is something like:
http_access all deny at the end of the file.

How can i allow external petitions to my web?

fdelval · 11-11-2010, 12:45 PM

update:

i think its because of iptables rules, look:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128

looks like i could aim for a --source 192.168.1.* --dport 80.... rule...

could it work?

*********yes it did
-s 192.168.1.0/24 did the trick.

just for expanding my knowledge, is there any way to create an ACL so every non 192.168.1.0/24 user gets "logged" but not applied the same deny/allow rules than my 192.168.1.0/24 network?

fdelval · 11-15-2010, 03:16 AM

still no alternatives?

ganesh24pal@gmail.com · 11-15-2010, 04:23 AM

This is issue may be with ur firewall, please check.

fdelval · 11-15-2010, 05:35 AM

Quote:

Originally Posted by ganesh24pal@gmail.com

This is issue may be with ur firewall, please check.

no, the error mesage is brought by squid
the firewall sure fixes it bypassing the squid filter.

both work ok, and i found a way to make apache and squid work in same PC.
All i want to know is if there are other ways of allowing external users to check my webpage, maintaining my LAN restrictions