Firewall blocks lan to squid port on localhost

Tubs · Mar 11, 2012, 8:50 PM

Hello,

in my firwall log I found block messages I do not understand:

block Mar 11 21:37:56 LAN 192.168.2.100:49733 127.0.0.1:3128 TCP:FA

Sometimes I get about 20 to 30 of these messages with different source ports withing a short time. The destination port is evertime 3128.
The the LAN IP is a client. Squid is running in transparent mode and port is set to 3128.

Why LAN trys to get access to localhost?
What's wrong on my squid configuration? Or could it be something esle?

don_sash · Aug 11, 2012, 2:48 PM

I have the same problem. Did you find a solution? Please post how you resolved the problem?

very strange what happened:

i never had to take care of any firewall rules regarding squid. all of a sudden i could not access websites anymore.
the firewall log sais:
192.168.1.99:43911 to 127.0.0.1:3128 blocked

so for now i added a rule on LAN interface:
pass proto:TCP from source:any to destination:127.0.0.1 port:3128

it works as expected.
but still the question: what happened?

Tubs · Aug 17, 2012, 10:29 PM

@don_sash:

I have the same problem. Did you find a solution? Please post how you resolved the problem?

No solution I found at this time.
But suddenly it was gone. Maybe misconfiguration.