[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux alerts



>>>>> "Tim" == Tim  <ignored_mailbox yahoo com au> writes:

    Tim> On Sat, 2008-01-26 at 06:49 +0000, Colin Paul Adams wrote:
    >> I just installed (via yum) and started squid.
    >> 
    >> I then noticed I had some SELinux alert

    Tim> Have you configured SELinux to allow Squid?  The default was,
    Tim> and probably still is, not to allow Squid to use the network
    Tim> until you explicitly allow it.

    Tim> There's a SELinux management tool that lets you easily tweak
    Tim> the booleans.

I found it now.

The boolean for squid reads:

Allow squid to connect to all ports, not just HTTP, FTP and Gopher.

It is not checked. I'm not sure that I want to check it. I would first
like to know what squid was trying to connect to. The alert did not
tell me that (at least, if it did, i didn't understand it).

Is there a way I can find out which port was being accessed?
Hm. It doesn't mention HTTPS, but maybe that is subsumed by HTTP.
-- 
Colin Adams
Preston Lancashire


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]