Re: Cisco route-map for transparent proxy

From: Jaeho Yang <jhyang@dont-contact.us>
Date: Sat, 16 May 1998 09:58:31 +0900

At first, there are no *routers (L3 forwarding)* between Cisco and Linux.
You mind them.. Between the Cisco box and the Linux box, the connection is
direct, or connected via a hub (or L2 switching).

The second thing, *ipfwadm rule*.. *turn on* default rules...

    ${FW} -I -p acc
    ${FW} -O -p acc

You might easily find problems..

--J

S. Faruque Ahmed wrote:

> Hello All,
>
> Sorry if this might not be the correct forum, but I did not receive an
> answer from a Cisco mailing list. Thought someone might know something on
> it since this really is a special application.
>
> I have a Linux box running squid on accelerator mode with ipfwadm
> redirection to take care of transparent proxying. Everything is fine for
> packets being routed through this box, i.e. it re-directs all www requests
> etc, etc.
>
> But I would like to redirect the WWW requests from dial-in users on a Cisco
> NAS located on the same network to this box also. I tried using
> "route-map" feature on the Cisco with the following:-
>
> route-map www-redirect, permit, sequence 10
> Match clauses:
> ip address (access-lists): 110
> Set clauses:
> ip next-hop xxx.xxx.120.65 xxx.xxx.120.193
> Policy routing matches: 30 packets, 1350 bytes
>
> Extended IP access list 110
> permit tcp xxx.xxx.95.192 0.0.0.31 any eq www
>
> interface Async16
> ip unnumbered Ethernet0
> ip access-group 160 out
> ip policy route-map www-redirect
> encapsulation ppp
> async dynamic address
> async mode interactive
> peer default ip address xxx.xxx.95.210
> no cdp enable
>
> It is supposed to re-route packets entering via the Async interfaces to the
> next hop xxx.xxx.120.65; i.e. the Linux box, or the next-next hop
> xxx.xxx.120.193, the default route.
> But I am not getting any packets received on the Linux box from the Cisco,
> even though the route-map rule shows activity, as you can see above. Could
> someone tell me whether I am missing something? Could someone tell me what
> sort of packets I'm supposed to be getting on the Linux box (maybe I
> stupidly missed something in the ipfwadm rules) ?
>
> Thanks in advance.
> SFQ
> GOS
Received on Fri May 15 1998 - 18:00:24 MDT
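
An added example, not part of either message and not Cisco or Squid code: a Python model of the decision the quoted route-map makes, showing the wildcard-mask match of access list 110 and why a `set ip next-hop` address is only usable when it is on a directly connected subnet. The 10.0.x.x addresses are constructed stand-ins for the redacted `xxx.xxx` ones, the connected subnets are assumptions (the thread does not show interface masks), and interface up/down state is ignored.

```python
import ipaddress

# Constructed stand-ins for the redacted addresses in the thread.
ACL_BASE, ACL_WILDCARD = "10.0.95.192", "0.0.0.31"
NEXT_HOPS = ["10.0.120.65", "10.0.120.193"]  # Linux proxy, then default router


def wildcard_match(addr, base, wildcard):
    """Cisco ACL match: bits set in the wildcard are ignored, the rest must equal base."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)


def acl110_permits(pkt):
    """permit tcp <base> <wildcard> any eq www; everything else hits the implicit deny."""
    return (pkt["proto"] == "tcp" and pkt["dport"] == 80
            and wildcard_match(pkt["src"], ACL_BASE, ACL_WILDCARD))


def policy_route(pkt, connected):
    """Return the next hop the route-map would use, or None for normal routing.

    A next hop is usable only if it lies on a directly connected subnet
    (no L3 hop in between); the first usable one in the list wins.
    The IP header is not rewritten: the proxy receives the packet with the
    client as source and the origin web server, port 80, as destination,
    so the redirect rule on the proxy has to match that.
    """
    if not acl110_permits(pkt):
        return None
    nets = [ipaddress.ip_network(n) for n in connected]
    for hop in NEXT_HOPS:
        if any(ipaddress.ip_address(hop) in net for net in nets):
            return hop
    return None


if __name__ == "__main__":
    # Constructed packet from the dial-in peer address to an arbitrary web server.
    pkt = {"proto": "tcp", "src": "10.0.95.210", "dst": "198.51.100.7", "dport": 80}
    print(policy_route(pkt, ["10.0.120.0/24"]))     # proxy is adjacent
    print(policy_route(pkt, ["10.0.120.192/26"]))   # proxy is behind a router
```
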
