--- Henrik Nordstrom <hno@squid-cache.org> wrote:
> On Fri, 9 Sep 2005, ksc wrote:
>
> > The problem is that the cisco router shows that
> the
> > cisco has registered the server as cache-engine,
> and
> > the port 80 traffic is passing through to my gre1.
> > However, it doesn't get passed on to my squid
> (running
> > at port 8080). I've already setup my iptables rule
> and
> > there's no firewall blocking.
>
> If browsing still works then your iptables ruleset
> is wrong and does not
> match the traffic.
>
> If browsing is dead then maybe you have the
> rp_filter sysctl enabled..
> this will cause the packets to go into the bitbucket
> immediately when
> exiting the gre tunnel..
>
/proc/sys/net/ipv4/conf/default/rp_filter is 0
> > iptables -A PREROUTING -p tcp -i eth1 --dport 80
> -j
> > REDIRECT --to-port 8080
> > (my interface is eth1)
>
> This does not look correct to me. The interface
> should be the gre
> interface as this is where the client port 80
> traffic is seen...
>
I tried '-i gre1' as well, doesn't help...
thanks,
ksc
> Regards
> Henrik
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Received on Sun Sep 11 2005 - 19:30:00 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT