Hello,
I am looking for documentation about the squid log, what does it mean TCP
MISS 503, instead of 200.
Is a problem of configuration in Squid or IPtables ?
thanks
-----Original Message-----
From: David LE GOUPIL [mailto:dlegoupil@cfcc.ie-eg.com]
Sent: mercredi 31 août 2005 16:31
To: ronny@spacenet.co.ug
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] TCP MISS 503
My iptables rules :
iptables -A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED -p tcp --dport
21 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED -p tcp --sport 21 -j
ACCEPT
iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED -p tcp --dport 20 -j
ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -p tcp
--sport 20 -j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED -p tcp --dport
80 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED -p tcp --sport 80 -j
ACCEPT
iptables -A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED -p tcp --dport
443 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED -p tcp --sport 443 -j
ACCEPT
iptables -A OUTPUT -o eth0 -m state --state NEW,ESTABLISHED -p tcp --dport
8443 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED -p tcp --sport 8443
-j ACCEPT
iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED -p tcp
--sport 1024:65535 --dport 1024:65535 -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED -p tcp --sport
1024:65535 --dport 1024:65535 -j ACCEPT
eth0 is my internet interface
but any idea about the "503" means ?
-----Original Message-----
From: Ronny [mailto:ronny@spacenet.co.ug]
Sent: mercredi 31 août 2005 15:45
To: David LE GOUPIL
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] TCP MISS 503
How does your iptables interception rule look like? Did you try
intercepting tcp--->80 only?Seems you are doing for all (port 3128 for
any protocols ) which might be the problem!
Ronny
David LE GOUPIL wrote:
>Hello,
>
>I have a LAN connect to internet through a Firewall Iptable with squid (
>port 3128 for any protocols )
>
>On my internet browser (workstation), I obtain this
>
> En essayant de charger l'URL : ftp://ftp.kernel.org/pub/
> L'erreur suivante a été rencontrée :
> . La connexion a échoué
> Le système a retourné :
> (13) Permission denied
>
>In my access.log, I have this message:
>
> 237 192.168.0.59 TCP_MISS/503 1564 GET ftp://ftp.kernel.org/pub/ -
>NONE/- text/html
>
>I have the same message when I try to connect to ssl connection.
>In my firewall's log I can not see any significant DROP.
>
>What the raison of a TCP_MISS/503 ?
>
>David,
>
>
>
>
-- *************************************************************************** / ''We can't become what we need to be by remaining what we are''\ \ ,, ,,/ ***************************************************************************Received on Wed Aug 31 2005 - 07:50:25 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:03 MDT