On Fri, 9 Sep 2005, ksc wrote:
> The problem is that the cisco router shows that the
> cisco has registered the server as cache-engine, and
> the port 80 traffic is passing through to my gre1.
> However, it doesn't get passed on to my squid (running
> at port 8080). I've already setup my iptables rule and
> there's no firewall blocking.
If browsing still works then your iptables ruleset is wrong and does not
match the traffic.
If browsing is dead then maybe you have the rp_filter sysctl enabled..
this will cause the packets to go into the bitbucket immediately when
exiting the gre tunnel..
> iptables -A PREROUTING -p tcp -i eth1 --dport 80 -j
> REDIRECT --to-port 8080
> (my interface is eth1)
This does not look correct to me. The interface should be the gre
interface as this is where the client port 80 traffic is seen...
Regards
Henrik
Received on Sun Sep 11 2005 - 07:14:38 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT