[squid-users] Squid Proxy - One subnet recognised
Amos Jeffries
squid3 at treenet.co.nz
Sat Oct 16 12:18:11 UTC 2021
On 16/10/21 12:33 am, Ryan Absolom wrote:
> Hi All
>
> Wondering if anyone can help - we've recently added a new subnet to
> squid.conf (exactly the same layout / variables used as previous
> subnets) however this doesn't get recognised.
>
What do you mean by "added" ?
With a default squid.conf it would just be a new value on the "acl
localnet" line(s). Then it works.
What do you mean by "recognised" ?
No meaning of the word "recognise" aligns with any action a proxy like
Squid performs.
> What makes this more confusing is we have to disable Selinux in order to
> be able to pick up a connection to the server (telnet/nc) for this
That is indeed very confusing. SELinux protects OS API calls against
unwanted accesses. It can interfere with some Squid features, but
network connections is usually not one of them.
DO you have ARP / EUI based ACLs other subnets somehow avoid?
or doing NAT interception of this new traffic source differently from
others?
or receiving this traffic over an unusual (eg non-Ethernet) type of
interface?
As Joey mentioned already, the network firewall (eg iptables/ip6tables)
is another thing to check.
Amos
More information about the squid-users
mailing list