[squid-users] non-transparent squid and port 8080 traffic

From: Asim Ahmed _at_ Folio3 <_at_>
Date: Fri, 11 Dec 2009 00:33:14 +0500

hi all,

I am using squid 3.0Stable20-1 along with Shorewall 4.4.4-1 on a RHEL5
box. I had a few problems running squid in transparent mode so now I am
running it in non-transparent mode. Every thing like browsing / IM tools
working fine. A major problem that I am facing is that quite a few users
in my staff uses TFS (Team Foundation Server - A code repository running
on port 8080) remotely. After installing squid they are hving great
difficulty connecting to that server. I am REDIRECTING port 80 traffic
from shorewall to squid on the same box. I tried same approach and
REDIRECTED port 8080 traffic to squid as well and made an ACL in
squid.conf to allow that particular traffic to that particular server
address over port 8080.

When I see squid access log, traffic shows up there but with HTTP 401
code that means not-authorized request. On TFS screen users also get
"you are not authorized to connect to this server" error. This does not
make any sense because without squid they jsut connect in first attempt.

Even I tried adding a rule in shorewall to process 8080 traffic before I
redirect traffic to squid, but that makes things unreliable in the sense
that some times it work, and at times it does not!
Can any one help suggesting any measures to get over with this?

Is this squid's normal behaviour to stop shorewall from normal working
when installed ? Does squid takes over control of system ports in use by
shorewall?

-- 
Regards,
Asim Ahmed Khan
Received on Thu Dec 10 2009 - 19:33:24 MST

This archive was generated by hypermail 2.2.0 : Fri Dec 11 2009 - 12:00:02 MST