[squid-users] Is there any way to prevent ports 1024 to 65535 from bypassing squid?

From: MikeB <webmaster@dont-contact.us>
Date: Sat, 24 Sep 2005 10:45:20 -0400

Squid does work, except some requests, specifically Java video chat requests,
access port 80 through squid properly but the video does not work, and the
Linux box in front of squid rejects a port within the range of 1024 to 65535,
not from the squid box but from the workstation loading the video chat applet
to the internet.

If I add an iptables rule to the forward table on the Linux box in front of
squid for the workstation loading the video chat applet, allowing source ports
1024 to 65535 and destination ports 1024 to 65535 out directly to the
internet, the video loads and works perfectly. However, I would prefer not to
add rules for each workstation or to add a global rule allowing IP ranges,
because it would bypass the antivirus scanner running on the squid box and
make logging and tracking more difficult.

Is there any way to redirect these ports to the squid server so that I don't
have to allow every workstation access to this port range through the Linux
box in front of squid out to the internet?

Or is there some configuration on the squid box that I have not correctly
configured for video chat?

Some other requests are rejected on the box in front of squid as well; however,
these are web sites and they seem to work OK even though ports 1024 to 65535
are rejected.

Any information would be greatly appreciated.

Mike
Received on Sat Sep 24 2005 - 08:42:48 MDT
