[squid-users] WCCP Problem

From: Juergen Hoffmann <jh@dont-contact.us>
Date: Mon, 24 Sep 2001 09:29:14 +0200

Hi all,

I have read the FAQ on this and searched the archive on that topic. Found
several things, tried them, but nothing really did the job.

I have a Debian GNU/Linux with squid Version
proxy:~# /usr/local/squid/bin/squid -v
Squid Cache: Version 2.3.STABLE4

and Kernel 2.4.9
iptables is installed correctly and all the modules are loaded.
proxy:~# lsmod
Module Size Used by
ip_gre 6976 1
ipt_tos 832 0 (unused)
ipt_tcpmss 1328 0 (unused)
ipt_state 896 0 (unused)
ipt_multiport 1024 0 (unused)
ipt_mark 832 0 (unused)
ipt_mac 992 0 (unused)
ipt_limit 1248 0 (unused)
ipt_TOS 1216 0 (unused)
ipt_TCPMSS 2576 0 (unused)
ipt_REJECT 3184 0 (unused)
ipt_MASQUERADE 1984 0 (unused)
ipt_MARK 1056 0 (unused)
ipt_LOG 3456 0 (unused)
iptable_filter 2032 0 (unused)
iptable_mangle 2032 0 (unused)

I have modified ip_gre.c although the patch did not work, so i did it by hand.

Here is my ifconfig
gre0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.0.0.1 Mask:255.255.255.255
          UP RUNNING NOARP MTU:1476 Metric:1
          RX packets:7830 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:383167 (374.1 Kb) TX bytes:0 (0.0 b)

and my iptables lines

proxy:~# iptables -t nat -L -v -n
Chain PREROUTING (policy ACCEPT 49861 packets, 2896K bytes)
 pkts bytes target prot opt in out source
destination
    4 6000 REDIRECT tcp -- gre1 * 0.0.0.0/0 0.0.0.0/0
         tcp dpt:80 redir ports 3128
 7830 383K REDIRECT tcp -- gre0 * 0.0.0.0/0 0.0.0.0/0
         tcp dpt:80 redir ports 3128

Chain POSTROUTING (policy ACCEPT 49445 packets, 3006K bytes)
 pkts bytes target prot opt in out source
destination

Chain OUTPUT (policy ACCEPT 49445 packets, 3006K bytes)
 pkts bytes target prot opt in out source
destination
    0 0 REDIRECT tcp -- * * 213.157.1.0/25 0.0.0.0/0
         tcp dpt:80 redir ports 3128

the gre1 and the entry in the OUTPUT Chain were just for other testing
purposes.

A tcpdump while redirecting shows me the gre encapsulated packets, but it
seems that these packets are not processed...

10:15:49.421083 gre-proto-0x883E (gre encap)
10:15:49.428445 gre-proto-0x883E (gre encap)
10:15:49.435694 gre-proto-0x883E (gre encap)

759 packets received by filter
0 packets dropped by kernel

on my cisco 7001 I have configured the following ...

ip wccp version 1
ip wccp web-cache redirect-list proxyforce group-list proxy

Any ideas anyone. Neither do I see an requests in the access.log file nor do
the packets get processed.

kind regards

Juergen Hoffmann
Received on Mon Sep 24 2001 - 01:27:19 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:28 MST