Thanks for the help, thank to you I found out that the problem lay in
the firehol/iptables.
/harly
Tek Bahadur Limbu wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Michael,
>
>
> On Thu, 13 Sep 2007 11:30:59 +0200
> Michael Harly <dizmoduck@gmail.com> wrote:
>
>> Every thing working fin on our Debian firewall box
>> we can access any utl with firefox, but we have block most url for using
>> IE and only allow very few utl ie: microfost update
>
> What do you mean when you say that "we have block most url for using IE and only allow very few utl ie: microfost update"?
>
> Does that mean that you are filtering based on browsers?
>
>> but now we have to url we can't access
>>
>> Our firewall box is:
>> Debian = 3.1
>> firewall = firehol v.5
>> proxy = squid v2.5
>
> Not very sure how the mechanisms of firehol v.5 work but I assume that they use IPTABLES in the front-end.
>
>> when we connect our new office whey want to access to url that they need
>> to access but was block by our firewall box but i can't fine any
>> entry's about this url.
>>
>> I have put them in the allow list but nothing helps
>
> Can you show us your squid.conf?
>
>> We can connect the url from the outside on our firewall
>>
>> In the syslog i get this
>> Sep 13 09:23:48 worf kernel: OUT-unknown:IN= OUT=eth2 SRC=129.142.24.162
>> DST=89.104.212.25 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=6700 DF PROTO=TCP
>> SPT=59858 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
>
> I think that your IPTABLES (firehol v.5) is filtering the site at: http://www.comendo.dk hosted at IP: 89.104.212.25.
>
> At least that's what the above IPTABLES log shows.
>
> Does the IP 129.142.24.162 come from your network inside your firewall?
>
>> In squid log I get:
>> 2352524545.344 3495897 ip-adr TCP_miss/504 1422 get
>> http://www.comendo.dk - none/ - text/html
>>
>> HTTP Error 504 - Gateway timeout
>
> Can you show us the output of: " /sbin/iptables -vnL "
>
> How is your network setup and it's layout?
>
>> please help!
>>
>> best regard
>> /harly
>>
>> The error page I get in Firefox after a log time:
>> ****
>> ERROR
>> The requested URL could not be retrieved
>>
>> While trying to retrieve the URL: http://www.comendo.dk/
>>
>> The following error was encountered:
>>
>> * Connection Failed
>>
>> The system returned:
>>
>> (110) Connection timed out
>>
>> The remote host or network may be down. Please try the request again.
>
> - From my experience,
>
> This error usually occurs if there is some kind of firewall in between your squid box and the web host.
>
> Running tcpdump on your firewall should reveal more details regarding why the connection is timing out.
>
> Hope that helps.
>
> Thanking you.....
>
>
>> Your cache administrator is support@uniscrap.dk.
>> Generated Thu, 13 Sep 2007 07:23:48 GMT by worf.mydomain.dk
>> (squid/2.5.STABLE9)
>>
>> *********
>>
>
>
>
> - --
>
> With best regards and good wishes,
>
> Yours sincerely,
>
> Tek Bahadur Limbu
>
> System Administrator
>
> (TAG/TDG Group)
> Jwl Systems Department
>
> Worldlink Communications Pvt. Ltd.
>
> Jawalakhel, Nepal
> http://wlink.com.np/
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (FreeBSD)
>
> iD8DBQFG6RVZfpE0pz+xqQQRAk38AKCCz+daUYaaoA+9sA872xA/PGHdAwCgwZ89
> zY0j3g33rSfMCFh2FDgMgec=
> =lVq3
> -----END PGP SIGNATURE-----
Received on Thu Sep 13 2007 - 07:41:59 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Oct 01 2007 - 12:00:02 MDT