Transparent proxying woes (IOS 11.1(12) on a 4500)

From: Chris Tilbury <Chris.Tilbury@dont-contact.us>
Date: Mon, 12 Jun 2000 15:12:34 +0100

Wonder if anyone out there can help.

We're trying to get transparent proxying working here with our squid
installation - 2.2.STABLE5 + Henrik's patches on a Sun box (SunOS 5.7). Squid
is compiled fine with the ipf-transparent option and we have ipf 3.3.16
loaded up and redirecting via NAT just fine. If I set the default route on a
machine to be the squid box, it accepts packets on port 80 and redirects
them to port 3128, which squid then correctly processes.

The problem we're having is in getting those packets to squid in the first
place, as we can't really set the machine up as our campus default router!
We have a CISCO box running IOS 11.1(12) and have a policy route-map
configured as follows:

route-map proxy-redirect permit 10
 match ip address 120
 set ip next-hop 137.205.8.1

This is matching packets (we can tell from the counters) just fine. However,
it seems to just be sending ICMP Redirect messages back to clients telling
them to go to 137.205.8.1, which is not quite what I expected (which is for
the packets just to be sent on there by the CISCO). It also doesn't help
much, because not many things appear to cope with these. My Windows PC seems
to ignore them, at least.

Assuming this isn't what's supposed to happen, any CISCO wizards out there
having done this before have any idea what could be going on here? The
online docs for this topic at cisco.com talk about packets being only sent
on to "adjacent" routers, which is a bit above my head ....

Chris

--
Chris Tilbury, IT Services, University of Warwick, Coventry, UK
PHONE: 024 7652 3365 / FAX: 024 7652 2367 / MAIL:
Chris.Tilbury@warwick.ac.uk
Received on Mon Jun 12 2000 - 08:16:35 MDT