LinuxQuestions.org


qwertyjjj 09-22-2011 04:26 AM

squid port 8080, iptables?
 
I cannot get squid to connect on port 8080 even though it works on 80.
Firstly, should this iptables script have a DROP/REJECT command somewhere?
Port 8080 is open. squid conf is below:

Code:

# Generated by iptables-save v1.3.5 on Fri Sep 16 04:59:49 2011
*mangle
:PREROUTING ACCEPT [19588:10233482]
:INPUT ACCEPT [19588:10233482]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [18858:10334564]
:POSTROUTING ACCEPT [18858:10334564]
COMMIT
# Completed on Fri Sep 16 04:59:49 2011
# Generated by iptables-save v1.3.5 on Fri Sep 16 04:59:49 2011
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [18851:10333352]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 8002 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 9001 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 1935 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Sep 16 04:59:49 2011
# Generated by iptables-save v1.3.5 on Fri Sep 16 04:59:49 2011
*nat
:PREROUTING ACCEPT [1234:59200]
:POSTROUTING ACCEPT [338:21268]
:OUTPUT ACCEPT [338:21268]
COMMIT
# Completed on Fri Sep 16 04:59:49 2011

Code:

http_access deny manager
http_access allow ncsa_users
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access deny maxuser
http_access allow localhost
http_access deny all
icp_access allow all
http_port 8080
http_port xxx.xxx.xx.xx:80

hierarchy_stoplist cgi-bin ?
cache_mem 100 MB
maximum_object_size_in_memory 50 KB
cache_replacement_policy heap LFUDA
cache_dir aufs /var/spool/squid 40000 16 256
maximum_object_size 50 MB
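
Added example, not part of the original thread: a simplified first-match walk over the RH-Firewall-1-INPUT rules posted above, showing which rule decides a new inbound connection to a given port. The function names, the `eth0` interface name and port 3128 are assumptions made for illustration, and the matcher models only the options that appear in this dump.

```python
# RH-Firewall-1-INPUT rules copied from the iptables-save dump in the post.
RULES = """\
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 8002 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 9001 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 1935 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""

def parse_rule(line):
    """Split one '-A <chain> ...' line into (criteria dict, target)."""
    tok = line.split()
    opts = dict(zip(tok[2::2], tok[3::2]))  # every option in this dump takes one argument
    opts.pop("-m", None)                    # '-m' only loads a match module
    target = opts.pop("-j")
    return opts, target

def matches(opts, pkt):
    """True if every criterion present in the rule agrees with the packet."""
    if opts.get("-i", pkt["iface"]) != pkt["iface"]:
        return False
    if opts.get("-p", pkt["proto"]) != pkt["proto"]:
        return False
    if int(opts.get("--dport", pkt["dport"])) != pkt["dport"]:
        return False
    return pkt["state"] in opts.get("--state", pkt["state"]).split(",")

def verdict(dport, proto="tcp", iface="eth0", state="NEW"):
    """Return (rule number, target, reject-with) of the first matching rule."""
    pkt = {"dport": dport, "proto": proto, "iface": iface, "state": state}  # eth0 is assumed
    for n, line in enumerate(RULES.splitlines(), 1):
        opts, target = parse_rule(line)
        if matches(opts, pkt):
            return n, target, opts.get("--reject-with")
    return None, "RETURN", None  # end of chain: back to INPUT, whose policy is ACCEPT

if __name__ == "__main__":
    for port in (80, 8080, 3128):  # 3128 is a constructed example of an unlisted port
        print(port, verdict(port))
```

In this model a new TCP connection to port 8080 is accepted by the tenth rule, and anything not listed falls through to the final REJECT rule.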


acid_kewpie 09-23-2011 01:27 AM

is squid listening? check "netstat -plnt"

qwertyjjj 09-23-2011 02:17 AM

Seems to be:

Code:


Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address              Foreign Address            State      PID/Program name 
tcp        0      0 xxx.xxx.xx.xx:80            0.0.0.0:*                  LISTEN      5325/(squid)       
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                  LISTEN      5325/(squid)       
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                  LISTEN      1449/sshd         
tcp        0      0 127.0.0.1:25                0.0.0.0:*                  LISTEN      1938/sendmail: acce


qwertyjjj 09-28-2011 02:14 PM

any ideas?

acid_kewpie 09-28-2011 02:29 PM

ok it's there, so can you telnet to port 8080? what about to localhost?

qwertyjjj 09-28-2011 02:48 PM

Quote:

Originally Posted by acid_kewpie (Post 4484686)
ok it's there, so can you telnet to port 8080? what about to localhost?

err, how do you mean telnet to the port? You mean try and access the port via SSH? SSH is not set up to allow access on those ports.

acid_kewpie 09-28-2011 02:49 PM

no, i mean via telnet. if i meant SSH then i wouldn't have said telnet. :confused:

qwertyjjj 09-28-2011 03:09 PM

Quote:

Originally Posted by acid_kewpie (Post 4484703)
no, i mean via telnet. if i meant SSH then i wouldn't have said telnet. :confused:

how do I telnet to something?

acid_kewpie 09-28-2011 03:13 PM

telnet 1.2.3.4 8080

qwertyjjj 09-28-2011 03:34 PM

no, but I can't telnet to port 80 either and port 80 is definitely working with the proxy

qwertyjjj 10-06-2011 07:06 AM

any ideas?

acid_kewpie 10-06-2011 10:58 AM

as above, see if you can telnet to that port. if you don't understand what that means, google for something like "telnet troubleshoot" and have a read. Basically telnet can be used to ensure tcp connections can be established, not that you can actually use telnet for its traditional purpose


All times are GMT -5.