[plug] getting squid use a ssh tunnel

Adrian Chadd adrian at creative.net.au
Wed Mar 19 10:56:16 WST 2008

On Wed, Mar 19, 2008, Mary Wright wrote:

> I just am unsure at how (what) to put that into the squid.conf

look at cache_peer and hierarchical_direct in squid.conf

Firstly, try telnet'ing to localhost:<ssh tunneled port> to see
if that works. If it works, point a web browser at it. It -that- works,
why do you want a local proxy? :)

> The issue is that the tunnel is working when I setup it up over the  
> intranet
> but when I try the system remotely I get time outs .I believe the  
> problem is that the web browser floods the tunnel with several request  
> and because of latency in processing the request
> I saw mentioned somewhere that if you setup a proxy locally then have  
> is cascade through the tunnel that it should fix the errors but they  
> didn't say how to actually do it and I can't see anything any where on  
> how to setup a "cascading proxy" that's what i have been looking for
> again thanx for any ideas or info it is very muchly appreciated

Well, Squid is going to something similar - one outbound request per
client request for small values of browsing.

I'd bring up the ssh tunnel by using 'ssh -v' and run tcpdump in parallel;
see if you can find the hanging connections and try to determine why they are.
Its possible they're hanging due to some busted ass firewall config at your
employer - ICMP PMTU filtering is the biggest pain in the ass in this sort
of situation, followed by TCP options (window scaling, timestamping.)


- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -

More information about the plug mailing list