Re: [squid-users] Put all port 80, 443 http https rtmp connections from openvpn through squid?

From: Eliezer Croitoru <>
Date: Sun, 12 Aug 2012 12:58:13 +0300

On 8/12/2012 11:26 AM, J Webster wrote:
> rtmp can be used on squid with a big BUT.
>> since rtmp is a tcp protocol you must allow a CONNECT and destination
>> ports to be used through the proxy.
>> but it's not such a safe and good idea to do so.
>> since the squid box is a router in your case and you will intercept
>> the port 80\443 rtmp will not have any trouble if you do use NAT for
>> outgoing connections since rtmp works on other ports then 80 and 443.
> But the routing will be different somehow won't it?
> For example, let's assume youtube uses rtmp.
> A user connects via VPN, navigates to, on the VPN server
> the 80 request is directed through squid, the video server returns the
> 80 request and a rtmp request but the rtmp cannot go through squid so
> where does it return, just another port on the VPN server? As long as I
> leave those rtmp ports open then all is okay?
> What if there are 50 clients all using rtmp as the same time, how would
> the routing within the 10.8.x.x network happen with squid involved?
this is not related in anyway to squid but to plain routing.
in order to understand how it works just know thay "MAGIC of NAT" exists!
you can read about it here:

this is a nice "magic" of networking.. ;)

youtube dosn't use rtmp for starter.
if you want to see a site that uses rtmp you can try some of IMDB trailers.
crunchy roll is a site that works only on rtmp Videos .

the only difference in routing while using squid as intercept proxy is
just on the outgoing traffic but for most squid boxes\routers the
routing table will be the same that used for NAT or local software such
as squid\proxy.


Eliezer Croitoru
IT consulting for Nonprofit organizations
eliezer <at>
Received on Sun Aug 12 2012 - 09:58:23 MDT

This archive was generated by hypermail 2.2.0 : Mon Aug 13 2012 - 12:00:02 MDT