Thanks to Gary and Lincoln for responding so quickly. It seems the problem
was the order of my redirect in the ipchains setup. I changed the order
around and it now works perfectly. The thing that led me astray was that the
route-map method of transparent proxy worked with the ipchains rules inthe
wrong order leading me to beleive everything was ok (I still havent quite
worked out why that should be so, but anyway) but the wccp method didn't.
The key thing is to have a bypass for packets to the squid box on port 80
BEFORE the redirect. For anyone else fighting this problem here is the
ipchains ruleset that works for me:
(Local LAN is 202.0.157.0, squid box is 202.0.157.20 and squid is on port
3128)
/sbin/ipchains -L
Chain input (policy DENY):
target prot opt source destination
ports
ACCEPT all ------ webcache webcache n/a
ACCEPT tcp ------ anywhere webcache.spc.int any ->
www
REDIRECT tcp ------ 202.0.157.0/24 anywhere any ->
www => squid
ACCEPT all ------ 202.0.157.0/24 anywhere n/a
ACCEPT all ------ anywhere 202.0.157.0/24 n/a
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
Thanks for the help.
__________________________________________
Al Blake, Information Technology Manager
Secretariat of the Pacific Community.
BPD5 98848 Noumea Cedex.
New Caledonia.
Tel +687 26.01.44 Fax +687 26.38.18
Email: alb@spc.int
Web: http://www.spc.int/ <http://www.spc.int/>
____________________________________________
Any attached files are in PKZip format.
Please advise if you have difficulties unzipping them.
___________________________________________
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Tue Sep 19 2000 - 23:22:06 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:24 MST