HI I have a Linux based fire wall ( iptables) that allow access to client on the Internet, I have current allowed all ports open both incoming and out going . I can access all site and all ports accept the site http://manage.resellerclub.com/reseller or http://manage.answerable.com/kb ( which i currently really important site for a dept in my company ) . i have no error logs to work with ... no logs what so ever .... except it give me page cannot be displayed on the browser. I had squid configured on my sever but have current stoped it . This problem has occurred since yesterday i flushed the cache ( # > /var/spool/squid/swap.state) but i don't think that should be a problem since i stoped squid !! .
How do i go about troubleshooting this issue ??
Thanks
On Thu, Dec 20, 2007 at 05:14:24PM +0530, Agnello George wrote:
HI I have a Linux based fire wall ( iptables) that allow access to client on the Internet, I have current allowed all ports open both incoming and out going . I can access all site and all ports accept the site http://manage.resellerclub.com/reseller or http://manage.answerable.com/kb ( which i currently really important site for a dept in my company ) . i have no error logs to work with ... no logs what so ever .... except it give me page cannot be displayed on the browser. I had squid configured on my sever but have current stoped it . This problem has occurred since yesterday i flushed the cache ( # > /var/spool/squid/swap.state) but i don't think that should be a problem since i stoped squid !! .
Did you have an iptables rule redirecting you automatically to Squid? Do you still have it?
Can you try from a host outside this network?
Devdas Bhagat
Did you have an iptables rule redirecting you automatically to Squid? Do you still have it?
Yes i did have port 80 redirected to 3128 but as of now i don't have any of that rule in iptables .Now there is direct access to the net without squid .
Can you try from a host outside this network?
yes from a remote server in a data center i tried accessing the site http://manage.resellerclub.com/reseller and it works no issue there!!
I have even tried accessing the site http://manage.resellerclub.com/reseller via command line ( lynx ) from my proxy server and this is the log i received after i did a netstat -tap
[root@squid ~]# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 xxx.xxx.xxx.xxx.static-v:33511 67-15-47-4.opticaljung:http FIN_WAIT2 -
humm!! any ideas ??
On Thu, Dec 20, 2007 at 05:34:54PM +0530, Agnello George wrote:
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 xxx.xxx.xxx.xxx.static-v:33511 67-15-47-4.opticaljung:http FIN_WAIT2 -
Pssst, hiding IP addresses when troubleshooting is a bad idea. Especially now that I can't even look at the logs on the webserver.
Devdas Bhagat
Does any one else ahve any better idea !!! :-= )...whats wrong here
On 20-Dec-07, at 6:14 PM, Devdas Bhagat wrote:
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 xxx.xxx.xxx.xxx.static-v:33511 67-15-47-4.opticaljung:http FIN_WAIT2 -
Pssst, hiding IP addresses when troubleshooting is a bad idea. Especially now that I can't even look at the logs on the webserver.
a general rule - copy and paste errors exactly - if you obfuscate anything no one can help you
On 12/20/07, Agnello George agnello.dsouza@gmail.com wrote:
HI I have a Linux based fire wall ( iptables) that allow access to client on the Internet, I have current allowed all ports open both incoming and out going . I can access all site and all ports accept the site http://manage.resellerclub.com/reseller or http://manage.answerable.com/kb ( which i currently really important site for a dept in my company ) . i have no error logs to work with
Please paste your squid.conf .
regards VK
On 12/20/07, vivek khurana mailing.vivek@gmail.com wrote:
On 12/20/07, Agnello George agnello.dsouza@gmail.com wrote:
HI I have a Linux based fire wall ( iptables) that allow access to client on the Internet, I have current allowed all ports open both incoming and out going . I can access all site and all ports accept the site http://manage.resellerclub.com/reseller or http://manage.answerable.com/kb ( which i currently really important site for a dept in my company ) . i have no error logs to work with
Please paste your squid.conf .
you'll will never believe this bu the reason we couldn't visit manage.resellerclub.com/reseller was cause they blocked our public ip address .... we had an additional public IP address we added it and the proxy server was able to connect to manage.resellerclub.com/reseller ( myorderbox.com ) . Now need to find out why they would do such a thing ...HUmm .... thanks anyways for all the help
-- Agnello . G .Dsouza email : agnello.dsouza@gmail.com
www.linux-vashi.blogspot.com www.study-the-word.blogspot.com
On Fri, Dec 21, 2007 at 09:09:30AM +0530, Agnello George wrote:
you'll will never believe this bu the reason we couldn't visit manage.resellerclub.com/reseller was cause they blocked our public ip address .... we had an additional public IP address we added it and the proxy server was able to connect to manage.resellerclub.com/reseller ( myorderbox.com ) . Now need to find out why they would do such a thing ...HUmm .... thanks anyways for all the help
Well, if you ever manage to figure out why letting me know your public address was needed, let me know, and I'll see what I can dig up about the blocking from our internal logs.
Devdas Bhagat
-
Agnello George -
Devdas Bhagat -
Kenneth Gonsalves -
vivek khurana