On 14/02/19 2:19 am, Герасимов Никита Вячеславович wrote: > Thanks, but a guess we already opened: > We have settings like this: > > diff squid.conf squid.conf.old > 40c40 > < acl SSL_ports port 443 563 1935 > --- >> acl SSL_ports port 443 563 > > acl imind_ru_flash port 1935 1936 > acl imind_ru_webrtc port 10000-30000 > acl imind_ru_net dst 185.102.121.96/27 185.102.121.0/27 > acl imind_ru dstdomain .imind.ru > http_access allow vlan_202 CONNECT imind_ru_flash imind_ru_net > http_access allow vlan_202 CONNECT imind_ru_webrtc imind_ru_net > http_access allow vlan_202 myusers imind_ru > > acl crl url_regex "/etc/squid/crl" > http_access allow crl >
Okay. That should be letting the tunnels through the proxy *if* the transactions are attempted. One trick that sometimes works is firewall rules to forbid direct Browser access to those ports (aka "bypassing the proxy"). The player may have CONNECT tunnel support as a fallback option when the usually more reliable direct service is blocked. Otherwise, Maybe try a different player software? RTMP is a standardized protocol so there are a number of software that support it. IIRC some had at least basic support for HTTP proxies last time I looked at these things. NP: Do not be tempted to intercept the traffic into Squid. The proxy will either reject the streams completely, or mangle them in ways that cause annoying display problems worse than a clear failure-to-connect message. HTH Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
