Hello, I have a bit complicated setup which can look odd to someone, but it works less or more ok for me.
On my Linux box, I have Squid 2.4 built 7 running. I am connecting into the private network using the ISDN line, and connecting to the parent proxy. However, between my box and parent proxy there is a firewall which only allows traffic on the port 22 (ssh). So I have to use port-forwarding capabilities of ssh to connect to the parent proxy. To open a forwarding channel via the ssh, I made small authentication module, which checks if tunnel is already up, and if not, it establish the ssh tunnel. So, user launch the browser pointing to my local Squid proxy, authenticate, and if succesfull, authentication module brings up the ISDN link, open a ssh session with forwarding channel, and then my Squid proxy use as parent something like localhost:8000. To make this working properly, I had to declare parent as default, disable ICP queries, and use never_direct statement to forward all the traffic to the parent proxy. Also, timeout for keeping user login details had to be reduced from 60 min to something like minute or two, to allow external module to open the link, if it is down. Everything seems to work less or more correctly, exept one problem: When there is delay in opening of ISDN line and ssh channel, Squid can not reach parent proxy on address localhost:8000 and it declares it as dead ( I think this is famous TCP DEAD feature of Squid). After few seconds, line is up, parent is reachable, but in the browser I still get error message that all parent proxies are down and request can not be forwarded. But, parent proxy is alive and kicking. Only way to fix it, is to wait something like 10 minutes or so, and then parent proxy is recognized as alive again, or to restart Squid. My question is this: how to completely disable this TCP dead feature, and force Squid to forward EACH request to proxy no matter if it is dead or not, because in my case this feature is not usefull at all, and just makes troubles. Thanks in advance to everyone who has solution for my problem. Regards Vladimir __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
