[squid-users] Unable to access a device over port 4434

Piana, Josh Josh.Piana at hexcel.com
Wed Oct 16 20:03:30 UTC 2024 

We do have a firewall in front of the Squid server. 

We're using a Checkpoint firewall but I've been told, a few times, that the firewall is not blocking traffic coming from the proxy. 

Squid's IP address is statically set and connected to one of our VLANS which hosts the majority of our servers. We're not likely to change that. 

We have the Web Proxy at 10.46.11.69 and the firewall listens for port 8080. 

-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Matus UHLAR - fantomas
Sent: Wednesday, October 16, 2024 2:00 PM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Unable to access a device over port 4434

Caution: This email originated from outside of Hexcel. Do not click links or open attachments unless you recognize the sender and know the content is safe.


On 16.10.24 16:10, Piana, Josh wrote:
>After running the below commands, I did restart squid and tested again. No luck.
>
>Here's the outputs:
>
># iptables -L -n -v

>Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target     prot opt in     out     source               destination

># iptables -t nat -L -n -v
>Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target     prot opt in     out     source               destination

># nft list tables
>No output
>
># nft list table ip filter
>Error: No such file or directory
>list table ip filter

Sorry, should've been "nft list table filter" but it really looks like you have completely no firewall locally.

Do you have any firewall in front of your server?
Can you change your quid server's IP address you use to connect to internet?



># they also recommended changing sysctl "net.ipv4.tcp_ecn" to '0'
># sysctl net.ipv4.tcp_ecn=0
>
># confirm
># sysctl net.ipv4.tcp_ecn
>net.ipv4.tcp_ecn = 0
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list