Re: SELinux and Squid - Non-default squid http_port (!=3128)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: SELinux and Squid - Non-default squid http_port (!=3128)
From: Paul Howarth <paul@xxxxxxxxxxxx>
Date: Tue, 30 Aug 2005 15:12:35 +0100
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla Thunderbird 1.0.6-1.1.fc4 (X11/20050720)

Øyvind Stegard wrote:

By 'squid_allow_any', I am assuming you mean 'squid_connect_any'. Itried this instead of 'squid_disable_trans', but that does not work.

That would allow squid to connect outbound to web servers running onnon-standard ports; it doesn't affect the port that squid can bind toitself.

I can only get squid up and running on http_port 64030 by setting'squid_disable_trans'.

An alternative approach would be to install the policy sources and edit/etc/selinux/targeted/src/policy/net_contexts, adding a line:


portcon tcp 3128  system_u:object_r:http_cache_port_t

replacing 3128 with the port number you want to use.

Then do:

# cd /etc/selinux/targeted/src/policy
# rm policy.conf
# make reload

Paul.

Follow-Ups:
- Re: SELinux and Squid - Non-default squid http_port (!=3128)
  - From: Daniel J Walsh

References:
- SELinux and Squid - Non-default squid http_port (!=3128)
  - From: Øyvind Stegard
- Re: SELinux and Squid - Non-default squid http_port (!=3128)
  - From: Thomas Springer
- Re: SELinux and Squid - Non-default squid http_port (!=3128)
  - From: Øyvind Stegard
- Re: SELinux and Squid - Non-default squid http_port (!=3128)
  - From: Rahul Sundaram
- Re: SELinux and Squid - Non-default squid http_port (!=3128)
  - From: Øyvind Stegard

Prev by Date: evolution
Next by Date: Re: web files with ftp vsftpd
Previous by thread: Re: SELinux and Squid - Non-default squid http_port (!=3128)
Next by thread: Re: SELinux and Squid - Non-default squid http_port (!=3128)
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]