[EMAIL PROTECTED] wrote:
>
> Hello-
>
> I'm using Squid as a single sign-on mechanism to our extranet. Some users
> behind firewalls are having problems getting data back from squid. These
> firewalls are set to limit access to all ports but the common 80, 110, 3128,
> etc... It looks to me like when squid sends back data, it uses ports in the
> 1900-2000 range according to my sniffer. So, basically, I'm looking for a list
> of ports squid sends http data back to on the client end. This way I can send
> the list to the firewall admin so they can open up those incoming ports.
>
> Thanks in advance for anyone that can shed some light on this problem!
Most protocols accept connections on a specific port (eg: 80, or 3128).
However, the source port of the other end of the connection is decided
by the operating system, if the application does not specify it. Default
behaviour is to select any 1023 < port < 65536 that is not already in
use. Squid makes no special effort to modify the default behaviour of
the IP stack. (Terminology note: This range of ports are known as
'public' ports)
D
