That's squid connecting to the foreign websites on port 80 (http). If you
want to firewall it allow squid to setup a state out on port 80 (make sure
its statefull), and firewall everything else in...
You don't have a security problem with it connected from a random port to
port 80 on another machine - you should be carefull about people browsing
through you if its open though (e.g. block port 3128)
-----Original Message-----
From: devendra [mailto:devendra@zayanionline.com]
Sent: 21 August 2004 02:05 PM
To: Henrik Nordstrom
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] ip setup
Hello,
from foreign IP port 80 to our external network IP at different port > than
1024 like 55963,55965,55964,55871 and so on.
Can u suggest me, on which NIC i should block incoming or outgoing request.
Deven
At 01:36 PM 21/08/2004, Henrik Nordstrom wrote:
>On Sat, 21 Aug 2004, devendra wrote:
>
>>for client machines and other is configured with external network, but i
>>found that lot of foreign IP connecting to the external ip, with
>>connection ESTABLISHED and SYN_SENT.
>
>These are most likely the requests Squid is making out to the Internet to
>fetch the content requested by the users.
>
>What are the local port numbers of these connections? Is many going to the
>same local port number or all to different ports > 1024?
>
>Regards
>Henrik
Received on Sat Aug 21 2004 - 06:15:43 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT