RE: [squid-users] Compile WCCP module optimally from Paul.Fiero@dont-contact.us on 2003-08-13 (squid-users)

From: <Paul.Fiero@dont-contact.us>
Date: Wed, 13 Aug 2003 07:29:07 -0500

I have this set up using the ip_gre module. I didn't do anything to patch
it. How do I do that? I managed to find a patch for ip_gre at swelltech
but don't have a clue as to how to apply it.

The way I understand it all, the router intercepts the port 80 traffic and
forwards it to the proxy via WCCP. The proxy receives the traffic via the
ip_gre module where it is grabbed by iptables and redirected to the port
that the proxy is listening on. Then the proxy does its business and sends
the return traffic to the client via regular traffic and not back through
the gre tunnel. Is this correct?

Okay, now the big question. Is there an easier method of transparent
proxying. LOL.

Cheers and Thanks for all the help,
Paul Fiero

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Wednesday, August 13, 2003 7:16 AM
To: Paul.Fiero@ci.austin.tx.us
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Compile WCCP module optimally

On Wed, 13 Aug 2003 Paul.Fiero@ci.austin.tx.us wrote:

> Okay so if GRE is already compiled and loaded via insmod, and I can set up
> the tunnel to the router in question, my next step is to configure the
> router to redirect traffic to the squid server via WCCP as per normal? I
> don't have to configure the router for GRE tunneling specifically?

Are you using the ip_gre module? In such case is the module patched to
support WCCP?

I think you just set up a gre interterface with the router as endpoint.
Then the patch takes over. This GRE should only be used for receiving
traffic from the router, not for return traffic.

> And once that is done, then I have to enable port redirection? Via
iptables
> or another app?

iptables, just as in the transparent interception case when not using
WCCP.

The purpose of WCCP is just to have the packets routed to the proxy server
box. It is the responsibility of the proxy server box to intercept the
traffic and redirect it to the proxy application.

Regards
Henrik
Received on Wed Aug 13 2003 - 06:29:12 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:52 MST