RE: [squid-users] WCCP and iptables

From: Shoebottom, Bryan <BShoebottom@dont-contact.us>
Date: Fri, 16 Sep 2005 07:07:07 -0400

Kumar,

The commands on the router are:
Ip wccp version 1
Ip wccp web cache

There are no other rules in iptables, I am trying to create a
transparent proxy from scratch so this is the only project for this box.

Thanks,
Bryan

-----Original Message-----
From: Raj Kumar Gurung [mailto:rajkumar@subisu.net.np]
Sent: September 15, 2005 10:56 PM
To: Shoebottom, Bryan
Subject: Re: [squid-users] WCCP and iptables

Do you have other IPTABLES rules in your box ?
And whats your cisco command there ?

uglyjoe79

Shoebottom, Bryan wrote:

>Kumar,
>
>Thanks for the info. These are the commands I have been using to try
to
>get this working, but have not been successful. I rebooted the box and
>started the network config from scratch copying and pasting your
>commands, replacing the appropriate values of course. But still on the
>cisco router I get the same info from the "show ip wccp web-cache
>detail" command.
>
>When I do a packet capture, I can see that the router hands the cache
>server all the buckets, but when the cache server replies it shows all
>buckets as unassigned.
>
>Also, with this command in iptables, should I not be able to telnet to
>port 80 on the box and be redirected to port 3128? When I try this
>"telnet localhost 80" I get a connection refused.
>
>Thanks,
>Bryan
>
>
>
>-----Original Message-----
>From: Raj Kumar Gurung [mailto:rajkumar@subisu.net.np]
>Sent: September 15, 2005 2:05 AM
>To: Shoebottom, Bryan
>Subject: Re: [squid-users] WCCP and iptables
>
>For GRE interception , i have used :
>insmod ip_gre
>iptunnel add gre1 mode gre remote* router-IP* local *squid-box-IP* dev
>eth*X*
>ifconfig gre1 127.0.0.2 up
>
>Also check it the the traffic to port 80 is redirected to the squid
>port.You can try iptables itself for that...
>iptables -A PREROUTING -i eth*X* -p tcp -m tcp --dport 80 -j REDIRECT
>--to-ports 3128
>
>I hope it works..
>
>uglyjoe79
>
>Shoebottom, Bryan wrote:
>
>
>
>>Hello,
>>
>>I am using linux 2.4.31 with ip_gre and cannot seem to get the wccp v1
>>
>>
>connection to work completely between my router and the squid cache.
>Here is what I am getting on the router:
>
>
>>MDIST#sho ip wcc we det
>>WCCP Cache-Engine information:
>> Web Cache ID: 0.0.0.0
>> Protocol Version: 0.4
>> State: Usable
>> Redirection: GRE
>> Packet Return: GRE
>> Assignment: HASH
>> Initial Hash Info: 00000000000000000000000000000000
>> 00000000000000000000000000000000
>> Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>> FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>> Hash Allotment: 256 (100.00%)
>> Packets Redirected: 15
>> Connect Time: 03:16:30
>>
>>MDIST#sho ip wcc we view
>> WCCP Routers Informed of:
>> -none-
>>
>> WCCP Cache Engines Visible:
>> 10.10.144.2
>>
>> WCCP Cache Engines NOT Visible:
>> -none-
>>
>>MDIST#
>>
>>Even though it is redirecting traffic, the cache can't/doesn't
>>
>>
>acknowledge it. I am sure this is a problem with my gre tunnel (if I
>even need one) and my firewall configuration. Can someone send me
their
>firewall and gre tunnel config?
>
>
>>Thanks,
>>Bryan
>>
>>
>>
>>
>>
>>
>>
>
>
>
>
>
Received on Fri Sep 16 2005 - 05:07:18 MDT

This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT