[squid-users] How to disable TCP dead detection?

From: Vladimir <[email protected]>
Date: Fri, 15 Aug 2003 04:12:53 -0700 (PDT)

Hello,

I have a bit complicated setup which can look odd to
someone, but it works less or more ok for me.

On my Linux box, I have Squid 2.4 built 7 running. I
am connecting into the private network using the ISDN
line, and connecting to the parent proxy. However,
between my box and parent proxy there is a firewall
which only allows traffic on the port 22 (ssh). So I
have to use port-forwarding capabilities of ssh to
connect to the parent proxy.

To open a forwarding channel via the ssh, I made small
authentication module, which checks if tunnel is
already up, and if not, it establish the ssh tunnel.
So, user launch the browser pointing to my local Squid
proxy, authenticate, and if succesfull, authentication
module brings up the ISDN link, open a ssh session
with forwarding channel, and then my Squid proxy use
as parent something like localhost:8000. To make this
working properly, I had to declare parent as default,
disable ICP queries, and use never_direct statement to
forward all the traffic to the parent proxy. Also,
timeout for keeping user login details had to be
reduced from 60 min to something like minute or two,
to allow external module to open the link, if it is
down. Everything seems to work less or more correctly,
exept one problem:

When there is delay in opening of ISDN line and ssh
channel, Squid can not reach parent proxy on address
localhost:8000 and it declares it as dead ( I think
this is famous TCP DEAD feature of Squid). After few
seconds, line is up, parent is reachable, but in the
browser I still get error message that all parent
proxies are down and request can not be forwarded.
But, parent proxy is alive and kicking. Only way to
fix it, is to wait something like 10 minutes or so,
and then parent proxy is recognized as alive again, or
to restart Squid.

My question is this: how to completely disable this
TCP dead feature, and force Squid to forward EACH
request to proxy no matter if it is dead or not,
because in my case this feature is not usefull at all,
and just makes troubles.

Thanks in advance to everyone who has solution for my
problem.

Regards
Vladimir

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
Received on Fri Aug 15 2003 - 05:13:27 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:55 MST