SELinux security alert/Squid -
Bob Goodwin
bobgoodwin at wildblue.net
Mon Feb 8 21:59:16 UTC 2010
On 08/02/10 16:32, Daniel J Walsh wrote:
> On 02/08/2010 03:16 PM, Bob Goodwin wrote:
>
>> On 08/02/10 13:23, Daniel J Walsh wrote:
>>
>> .
>> Are you sure the boolean is turned on ?
>>
>> # getsebool squid_connect_any
>> squid_connect_any --> off
>>
>> Once you have set the boolean on it should stay that way permanently if
>> you use the -P flag
>>
>> # setsebool -P squid_connect_any 1
>>
>>
>> --------------------------
>>
>> This is what I get:
>>
>>
>> [bobg at box6 ~]$ getsebool squid_connect_any
>> squid_connect_any --> on
>>
>> I guess that means it should work? It's not a big problem and only began
>> yesterday [after an update?] It just puts a warning star at the bottom
>> of my screen.
>>
>> Bob
>>
>>
>>
>>
>> .--
>>
>>
>>
> Yes, this means that someone put a web sight at 8180, and now squid wants to connect to it. SELinux was preventing it.
>
>
Yes my ISP.
http://myaccount.wildblue.net:8180/
I just added "myaccount.wildblue.net" to the Firefox "no proxy for"
list and that seems to satisfy an access problem I didn't know I
had. Don't know if the SELinux alert resulted from that. I'll see
what happens when I reboot tomorrow morning. One of the first things
I do is check my usage via Firefox to be sure we are within limits.
Thanks.
Bob
--
More information about the users
mailing list