[squid-users] squid intercept config

Monah Baki monahbaki at gmail.com
Thu Mar 5 18:10:31 UTC 2015 

root at ISN-PHC-CACHE:/home/support # pfctl -s nat
No ALTQ support in kernel
ALTQ related functions disabled
rdr pass inet proto tcp from 10.0.0.0/8 to any port = http -> 10.0.0.24
port 3129

On Thu, Mar 5, 2015 at 1:08 PM, Yuri Voinov <yvoinov at gmail.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can you run pfctl -s nat state on proxy box?
>
> 06.03.15 0:05, Monah Baki пишет:
> > Ok let me ask the client tomorrow to run telnet 10.0.0.24 80 from
> > a workstation
> >
> > Thanks for he help Yuri
> >
> > On Thu, Mar 5, 2015 at 1:02 PM, Yuri Voinov <yvoinov at gmail.com>
> > wrote:
> >
> >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> >>
> >> Sorry, I'm wrong. Netstat on host can't show redirected
> >> listeners.
> >>
> >> Need to check it externally.
> >>
> >> 05.03.15 23:59, Monah Baki пишет:
> >>> On 10.0.0.24
> >>>
> >>> root at ISN-PHC-CACHE:/home/support # netstat -an Active Internet
> >>> connections (including servers) Proto Recv-Q Send-Q Local
> >>> Address Foreign Address        (state) tcp4       0     52
> >>> 10.0.0.24.22 96.255.8.226.50911 ESTABLISHED tcp4       0      0
> >>> *.3129 *.*                    LISTEN tcp4       0      0
> >>> *.3128 *.*                    LISTEN tcp4       0      0 *.81
> >>> *.*                    LISTEN tcp6       0      0 *.81 *.*
> >>> LISTEN tcp4       0      0 *.22 *.*                    LISTEN
> >>> tcp6       0      0 *.22 *.*                    LISTEN tcp6
> >>> 0      0 ::1.562 ::1.40066 ESTABLISHED tcp6       0      0
> >>> ::1.40066 ::1.562 ESTABLISHED tcp6       0      0 *.561
> >>> *.* LISTEN tcp6       0      0 *.562                  *.*
> >>> LISTEN tcp4       0      0 *.199                  *.* LISTEN
> >>> tcp4       0      0 *.10000                *.* LISTEN udp4
> >>> 0      0 *.3401                 *.* udp4       0 0 *.34985
> >>> *.* udp4       0      0 *.* *.* udp4       0      0 *.161
> >>> *.* udp4       0 0 *.162                  *.* udp4       0
> >>> 0 *.10000 *.* udp4       0      0 127.0.0.1.123          *.*
> >>> udp6       0 0 fe80::1%lo0.123        *.* udp6       0      0
> >>> ::1.123 *.* udp4       0      0 10.0.0.24.123          *.* udp6
> >>> 0 0 *.123                  *.* udp4       0      0 *.123 *.*
> >>> udp4       0      0 *.514                  *.* udp6       0 0
> >>> *.514                  *.*
> >>>
> >>>
> >>>
> >>> On Thu, Mar 5, 2015 at 12:12 PM, Yuri Voinov
> >>> <yvoinov at gmail.com> wrote:
> >>>
> >>> - From your PC run telnet 10.0.0.24 80. You've seen if TCP
> >>> socket opens.
> >>
> >>
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQEcBAEBAgAGBQJU+JuSAAoJENNXIZxhPexGmkMIAJQNjE4TwhTnO1hI+jqWgG06
> XmPpDOkpv6xiMezh4NrgMNA3YRDysjEXHBywMlBop92/iLAehv1nyadMhIdWmPj0
> im9RFuHVgTiEz9Fr7llc6jyz6oEkp4Ne3//FilvII0X2M8tnSknhiMhYliuloX8p
> 98IjTJPWDsYeEqURcwbxtGCz431GrpLmKTZkxQuw43a1hIQha4570prmbvcwU1xP
> TLgv/WhltGRJyXszr3pwh1R/6cM8UYCK8iNgxn6KJvh2x+8hyc5avyttEbmyQDz+
> JfuZoOyCyNU321yiONFS4EaPRWZsoUv+s59mS37m8gSuGIED6aKWlgceRE4OOgQ=
> =t9CZ
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150305/631ea27d/attachment.html>

More information about the squid-users mailing list