Re: [squid-users] Re: [SQU] WCCP + linux 2.4.2 + iptables?

Justin,

If you can see "I_SEE_YOU packets", you can try IOS setting that I got from
Jan Haluza:

ip wccp verion 1
ip wccp web-cache redirect-list REDIRECT_LIST group-list GROUP_LIST

ip access-list ext REDIRECT_LIST
  deny ip host IP_OF_SQUID any
  permit ip any any

ip access-list stan GROUP_LIST
  permit IP_OF_SQUID

interface ...Outgoing_interface...
  ...
  no ip directed-broadcast
  no ip mroute-cache
  ip wccp web-cache redirect out
  ip wccp redirect exclude in

Thx

Awie

----- Original Message -----
From: "Justin Kim" <hk3183@utah.edu>
To: "Vishwanath Paranjape" <vish@gn.gtsl.co.in>
Cc: <squid-users@ircache.net>
Sent: Tuesday, March 13, 2001 5:41 AM
Subject: [squid-users] Re: [SQU] WCCP + linux 2.4.2 + iptables?

> I had a same problem.
> I tried to run Squid with 2.2.17 Kernel. With Cisco's WCCP Ensign.
> But first, I want to use Squid's wccp.
> I configured the router to redirect the packet.
> The funny thing is, router see squid, and see I_SEE_YOU paketsl.
> Yet, it fails to redirect any web queries,
> Only think I can think of is the router's configuration (or ISO version
who
> knows...)
>
> I am right now waiting for Cisco WCCP, to see wether my router is actually
> working.
> If so, I will go back to use Red Hat 2.2.17 Kernel with module
installation.
>
> Let me know if you have any questions.
>
>
> Vishwanath Paranjape wrote:
>
> > hi!
> >
> > actually i caanot guide you on this issue, but you can guide me i
believe
> >
> > myself and awie are trying independantly to get wccp and linux kernel
2.2.x
> > working.
> > but we are facing same prob as the packets are not getting redirected
from
> > cisco to cache engine.
> >
> > can you send me some more info on how you achieved it?
> >
> > thanx in advance
> > vish
> >
> > -----Original Message-----
> > From: Sixx Lim <sixx@swiftech.net.sg>
> > To: squid-users@ircache.net <squid-users@ircache.net>
> > Date: Monday, March 12, 2001 9:37 PM
> > Subject: [SQU] WCCP + linux 2.4.2 + iptables?
> >
> > >Well i couldn't find any answers both on the web, FAQs or archives.
> > >
> > >So was wondering if anyone has this working on either production or
> > >development network.
> > >
> > >I followed the procedures to compile and install the kernel with
> > >support for transparent proxy with netfilter/iptables and the ip_wccp.o
> > >module. Both loads with no problem, but strangely i don't see any
packets
> > >on my cisco router for wccp even when i turned "deb ip wccp pack" i
only
> > >see packets to and from my old kernel 2.2 servers.
> > >
> > >Is there something i missed out or is the wccp not supported on kernel
> > 2.4.2?
> > >
> > >And if this is so, should i use GRE tunneling instead?
> > >
> > >Maybe someone should also update the FAQ as to iptables can't work with
> > wccp
> > >on squid servers which are not routers/gateways for a network, somehow
or
> > >rather
> > >iptables can't seem to redirect ports coming in from an interface to
port
> > 8080
> > >on the same interface.
> > >
> > >Or is it advisable to use multiple http_port directives in the
squid.conf
> > >to listen
> > >on these ports instead of using iptables/ipchains redirection?
> > >
> > >best regards,
> > >sixx
> > >
> > >--
> > >To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
> > >
> > >
> >
> > --
> > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>
Received on Mon Mar 12 2001 - 18:49:42 MST