Firewall blocks lan to squid port on localhost



  • Hello,

    in my firwall log I found block messages I do not understand:

    block  Mar 11 21:37:56    LAN    192.168.2.100:49733    127.0.0.1:3128    TCP:FA

    Sometimes I get about 20 to 30 of these messages with different source ports withing a short time. The destination port is evertime 3128.
    The the LAN IP is a client. Squid is running in transparent mode and port is set to 3128.

    Why LAN trys to get access to localhost?
    What's wrong on my squid configuration? Or could it be something esle?



  • I have the same problem. Did you find a solution? Please post how you resolved the problem?

    very strange what happened:

    i never had to take care of any firewall rules regarding squid. all of a sudden i could not access websites anymore.
    the firewall log sais:
    192.168.1.99:43911  to    127.0.0.1:3128    blocked

    so for now i added a rule on LAN interface:
    pass proto:TCP from source:any to destination:127.0.0.1 port:3128

    it works as expected.
    but still the question: what happened?



  • @don_sash:

    I have the same problem. Did you find a solution? Please post how you resolved the problem?

    No solution I found at this time.
    But suddenly it was gone. Maybe misconfiguration.


Locked