Re: [squid-users] WCCPv2 GRE with 2.6 on Linux

From: Adrian Chadd <adrian@dont-contact.us>
Date: Sat, 2 Sep 2006 11:23:03 +0800

Just to compare:

Squid Cache: Version 3.0.PRE4-CVS
(same options for 2.6 work fine.)
configure options: '--prefix=/usr/local/squid' '--enable-storeio=ufs aufs null' '--enable-linux-netfilter'

Config:

cache_effective_user adrian

wccp2_service standard 0
#wccp2_service dynamic 80
#wccp2_service_info 80 protocol=tcp ports=80 priority=240

tcp_outgoing_address 203.56.15.78

wccp2_router 192.168.1.1:2048

http_port 192.168.1.10:3128 transparent vport=80
http_port localhost:3128

(I have this server doing wccp on a NATted interface; so it has a non-NATted public
IP for external outbound connections..)

Then:

root@cindy:~/work/squid3# cat /root/wccp.sh
#!/bin/sh

ifconfig gre0 inet 1.2.3.4 netmask 255.255.255.0 up
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/lo/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/gre0/rp_filter

iptables -F -t nat
# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128

eth0 is external, eth1 is internal.

Cisco config is simple - enable wccp2 + web-cache, ip wccp web-cache redirect in on the internal
interface.

I've not got a spare PIX/ASA device here to try it against.

Adrian
Received on Fri Sep 01 2006 - 21:22:45 MDT

This archive was generated by hypermail pre-2.1.9 : Sun Oct 01 2006 - 12:00:03 MDT