[squid-users] Problem rtmp traffic through Squid

Amos Jeffries squid3 at treenet.co.nz
Wed Feb 13 13:14:30 UTC 2019


On 14/02/19 1:37 am, Ahmad, Sarfaraz wrote:
> Did you add them to “safe_ports” acl ? ( assuming you have one )
> 

Port 1935 is already part of the Safe_ports ACL by default.

What it is not part of is the SSL_Ports ACL which prohibits almost all
ports having CONNECT tunnels opened.

If the Flash agent in use, or its Browser is properly using the proxy
it/they should be attempting to open a CONNECT tunnel to the RTMP server
(possibly port 1935, maybe another) for the stream to flow within.

Check your proxy access.log for these attempts and decide from there
what detail(s) you are going to use to permit access (port, server name,
or UA string, etc).
 Likely you will need to add the relevant port to SSL_Ports (preventing
it being forbidden) and then also add other http_access lines to
restrict which traffic is allowed to contact that port.


> 
> *From:* squid-users *On
> Behalf Of *????????? ?????? ????????????
> *Sent:* Wednesday, February 13, 2019 5:56 PM
> 
> Hello! In our organization, we use squid proxy server. And we found a
> problem with viewing webinars that run on adobe Flash. Network engineers
> found out that rtmp traffic on port 1935 bypasses the proxy server,
> which is specified in the browser settings. In this connection, the site
> does not work media content. The same problem is covered on the Adobe
> website https://forums.adobe.com/thread/905051
> 
> Can you help with providing information on configuring squid to work
> with adobe Flash?
> 


Amos



More information about the squid-users mailing list