On 18.07.17 14:29, Walter H. wrote:
-A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i br0 -m tcp -p tcp --dport 3128 -m state --state NEW -j ACCEPT
-A INPUT -j LOG --log-prefix "IP[IN]: " --log-level 7
[17-Jul-2017; 19:49:13.590130] IP[IN]: IN=br0 OUT= MAC=24:01:00:00:01:24:24:00:08:01:05:24:08:00 SRC=192.168.0.10 DST=192.168.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=54916 DPT=3128 WINDOW=0 RES=0x00 RST URGP=0
it's a RST packet, apparently for connection that was already closed and thus is not ESTABLISHED,RELATED nor NEW logging state INVALID could explain
by the way the router box has of course more interfaces a br0 (LAN) and eth1 (WAN), where can I ensure that squid only listens to the LAN IP?
here:
# Squid normally listens to port 3128 http_port 3128
see http://www.squid-cache.org/Doc/config/http_port/ -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
