Hello Mikrotik team, I have a very strange and hard to solve problem with some particular customers.
They are public administrations and they use a particular program to communicate some data to the central ministry site.
The traffic starts on port 443 and then passes on port 80.
Their client is a RB133 with Web Proxy active (I have already updated to version 3.5 of ROS); web proxy is necessary to track the visited sites due to legal directives.
I spoke with the technical team that developed the program: the data transmission stops at the final step, when the client should receive some data in a non-standard HTTP 1.1 protocol containing some accounting data. If I disable Web Proxy all works fine (I have also defined a parent proxy on an external Linux box running SQUID).
If some Italian people are reading this and would like to help, please drop me an e-mail: alex998r (at) tiscali.it.
Please, is there a possible workaround, setting some rule in the Web Proxy (access, direct or cache)?
Many thanks in advance for your help.
Regards
Alessandro

Maybe you can make a secure tunnel for this specific program, or make an exception for the machines that send this data?

Hi Normis, thanks for the reply.
This is what I am thinking: a way to bypass the proxy for this machine, but NOT the whole machine, only the program. To be more precise, I want web proxy always active for that machine and only that application bypassed.
I tried two simple rules in the DIRECT section of WEB PROXY:
0 src-address=192.168.10.120 dst-address=195.xxx.xxx.175 action=allow hits=3
1 src-address=192.168.10.120 dst-address=195.xxx.xxx.233 action=allow hits=4
Is this the correct way to bypass the target sites?
Even with these two rules I have the problem.
Please, any help from you will be appreciated.
Regards
Alessandro

Hello, I’ve also tried the following rule:
[pippo@CL105-100] /ip proxy cache> print detail
Flags: X - disabled
0 src-address=192.168.10.120 action=deny hits=0
As you can see I cannot see any match; in the log I can see client 192.168.10.120 requesting a page from the cache. Below is a snippet from syslog-ng:
web-proxy,account CL105-100: 192.168.10.120 POST http://xxx.xxx.it/cgi-bin/cgi.exe action=allow cache=MISS
Please, this is a very hot problem for me.
Many thanks for your help.
Regards
Alessandro

Just do not redirect 195.xxx.xxx.175 to the web-proxy port; simply add a rule in the NAT chain to accept port=80 dst-address=195.xxx.xxx.175 above your redirect rule.
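
The bypass from the last reply, written out as RouterOS commands (an added example, not part of the thread). Assumptions: the existing redirect sends TCP port 80 to the web proxy on port 8080, the exception is limited to the one client, and the second masked address from the earlier DIRECT rules is bypassed as well; the `195.xxx.xxx.*` values are the thread's masked addresses and must be replaced with the real ones.

```routeros
# Added example. Assumed: proxy listens on 8080; the redirect rule below
# stands in for the one already on the router (not shown in the thread).
/ip firewall nat
# Exceptions first: dstnat is evaluated top-down and the first match wins,
# so an accepted packet never reaches the redirect.
add chain=dstnat protocol=tcp dst-port=80 src-address=192.168.10.120 \
    dst-address=195.xxx.xxx.175 action=accept comment="proxy bypass: ministry app"
add chain=dstnat protocol=tcp dst-port=80 src-address=192.168.10.120 \
    dst-address=195.xxx.xxx.233 action=accept comment="proxy bypass: ministry app"
# Everything else on port 80 still goes through the web proxy and is logged.
add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080 \
    comment="transparent web proxy"
# If the redirect already exists, add only the two accept rules and pass
# place-before=<number of the redirect rule> so they sit above it.
print
```

Connections matching the accept rules no longer appear in the web-proxy log, so keeping both `src-address` and `dst-address` on the exceptions limits the untracked traffic to this one application path.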