Hi,
I'm using Squid/2.3.STABLE4-hno.CVS on a server that is configured with
packet filtering using iptables. This server has two ethernet adapters,
internal with IP 172.16.42.1 and external with IP 172.19.42.2. The default
policy for packet filtering is drop everything, and for IPC to work, I
configured these rules:
    iptables --append OUTPUT --out-interface lo --source 127.0.0.1 --destination 127.0.0.1 --jump ACCEPT
    iptables --append INPUT --in-interface lo --source 127.0.0.1 --destination 127.0.0.1 --jump ACCEPT
This means traffic goes in/out from loopback IP to loopback IP for all
protocols through the loopback adapter. I have other rules, but they are
for standard internet services.
Suddenly, one day, after months in production, without any change to the
iptables script, Squid stopped responding.
By debugging /var/log/messages, I modified the iptables rules to accept
traffic from 127.0.0.1 to 172.19.42.2, and from 172.19.42.2 to 127.0.0.1,
and now everything is OK.
My questions are: why has this behavior suddenly changed? Is this a
bug? Can I restore the old behavior?
See the << messages >> attachment for debugging details.
Thanks in advance.
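
Added example, not part of the original post: a small first-match model of the rule set described in the message, showing which address pairs the two loopback rules accept under a default DROP policy, before and after accepting 127.0.0.1 <-> 172.19.42.2. The `Rule`/`Packet` model, the sample packets, and the chain and interface of the added rules are assumptions; the post does not give them.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    chain: str             # "INPUT" or "OUTPUT"
    iface: Optional[str]   # --in-interface / --out-interface; None = any
    src: Optional[str]     # --source; None = any
    dst: Optional[str]     # --destination; None = any
    target: str

class Packet(NamedTuple):
    chain: str
    iface: str
    src: str
    dst: str

def _addr_ok(spec, addr):
    return spec is None or ip_address(addr) in ip_network(spec)

def verdict(rules, pkt, policy="DROP"):
    """First matching rule decides; otherwise the chain policy applies."""
    for r in rules:
        if (r.chain == pkt.chain and r.iface in (None, pkt.iface)
                and _addr_ok(r.src, pkt.src) and _addr_ok(r.dst, pkt.dst)):
            return r.target
    return policy

# The two loopback rules quoted in the post.
ORIGINAL = [
    Rule("OUTPUT", "lo", "127.0.0.1", "127.0.0.1", "ACCEPT"),
    Rule("INPUT", "lo", "127.0.0.1", "127.0.0.1", "ACCEPT"),
]
# The change described in the post (assumed: both chains, any interface).
PAIRS = [("127.0.0.1", "172.19.42.2"), ("172.19.42.2", "127.0.0.1")]
MODIFIED = ORIGINAL + [Rule(c, None, s, d, "ACCEPT")
                       for c in ("OUTPUT", "INPUT") for s, d in PAIRS]

# Constructed sample packets; "lo" as the interface is an assumption.
SAMPLES = [
    Packet("OUTPUT", "lo", "127.0.0.1", "127.0.0.1"),
    Packet("OUTPUT", "lo", "127.0.0.1", "172.19.42.2"),
    Packet("INPUT", "lo", "172.19.42.2", "127.0.0.1"),
]

def audit(rules):
    """Map each sample packet to its verdict under the given rule list."""
    return {pkt: verdict(rules, pkt) for pkt in SAMPLES}

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("modified", MODIFIED)):
        for pkt, v in audit(rules).items():
            print(f"{name:8} {pkt.chain:6} {pkt.src} -> {pkt.dst}: {v}")
```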
This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:02 MST