RE: WCCP with 2.3Stable1 & Cisco

From: Walter Klomp <walter@dont-contact.us>
Date: Sat, 29 Jan 2000 09:48:42 +0800

Hi Glenn,

Yes, I have configured ipchains. Transparent proxying with this machine
works, if I use the ip policy method on the cisco...

I am running squid on port 8080...

#enabling transparent proxying...
/sbin/ipchains -A input -j ACCEPT -i lo
/sbin/ipchains -A input -j ACCEPT -p tcp -d my.machine.ip.address 8080
/sbin/ipchains -A input -j REDIRECT 8080 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0 80
/sbin/ipchains -A input -j REDIRECT 8080 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0
8080
/sbin/ipchains -A input -j REDIRECT 8080 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0
3128

-----Original Message-----
From: Glenn Chisholm [mailto:glenn@ircache.net]
Sent: Saturday, January 29, 2000 2:57 AM
To: Walter Klomp
Cc: squid-users@ircache.net
Subject: RE: WCCP with 2.3Stable1 & Cisco

> I have just downloaded kernel 2.2.14, re-applied the patch to ip_gre.c,
> re-compiled it...
>
> On reboot, modprobe ip_gre
> (no error)
> did the iptunnel and the ifconfig command... (no error), and I get exactly
> the same output..
>
> What am I doing wrong?

        Ok, so you are not using the WCCP specific module. You are using
the the linux GRE module. It is designed for any GRE encapsulated packet.
The module I wrote is an ugly hack to allow only WCCP packets.

> Oh ya, by the way, I do see the packets coming in from the router with
> tcpdump (gre-encap)

        So none of these packets are reaching Squid? It sounds like the
packets are getting to your box and getting to the gre1 interface. Have
you configured ipchains?

glenn
Received on Fri Jan 28 2000 - 18:59:10 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:45 MST