Re: [squid-users] WCCP Howto RHEL3.1 w/ 2.4.x kernel from Chad Harrelson on 2006-11-14 (squid-users)

From: Chad Harrelson <coinflasher@dont-contact.us>
Date: Tue, 14 Nov 2006 09:40:24 -0500

Nevermind, I see it. I'm testing now...

Thanks,

-- Chad

On 11/14/06, Chad Harrelson <coinflasher@gmail.com> wrote:
> Henrik,
> I don't see a gre tunnel being created in your script is this
> because a gre tunnel is not necessary? (ex. iptunnel add gre1 mode gre
> remote 150.125.125.98 local 150.125.125.114 dev eth0 )
>
> Thanks,
>
> -- Chad
>
> On 11/14/06, Henrik Nordstrom <henrik@henriknordstrom.net> wrote:
> > tis 2006-11-14 klockan 14:53 +0800 skrev Adrian Chadd:
> > > On Mon, Nov 13, 2006, Chad Harrelson wrote:
> > > > Thanks Adrian, however, I have a requirement to make this work on the
> > > > my current version of squid (2.5) so WCCP v.1 will have to do.
> > >
> > > Ah. Grr, Redhat needs to test and upgrade their Squid packages already.
> >
> > There is unofficial current "bleeding edge" RHEL Squid packages
> > available from RedHat, or more precisely from the Squid package
> > maintainer at RedHat. The URL can be found in the squid-users archives.
> >
> > > I've done it for each interface just in case.
> >
> > I know for certain from both theory and practice that it's sufficient to
> > disable rp_filter on the created gre tunnel interface.
> >
> > Here is an example script setting up all networking level parameters
> > needed for WCCP/WCCP2 using ip_gre:
> >
> > #!/bin/sh
> > # Set this to the public/primary IP of the WCCP router
> > ROUTER=10.0.0.1
> > iptables-restore <<EOF
> > *nat
> > :INTERCEPT -
> > :PREROUTING ACCEPT
> > :POSTROUTING ACCEPT
> > :OUTPUT ACCEPT
> > -A PREROUTING -j INTERCEPT
> > COMMIT
> > EOF
> >
> > ip link set wccp down 2>/dev/null
> > ip tunnel del wccp 2>/dev/null
> >
> > ipaddr=`/sbin/ip addr show dev eth0 | awk '/inet / {print $2}'`
> > ip=`echo $ipaddr | cut -d/ -f1`
> > ip tunnel add wccp dev eth0 mode gre remote $ROUTER
> > ip addr add $ip/32 dev wccp
> > echo 0 >/proc/sys/net/ipv4/conf/wccp/rp_filter
> > echo 1 >/proc/sys/net/ipv4/ip_forward
> > ip link set wccp up
> >
> > iptables -t nat -F INTERCEPT
> > iptables -t nat -A INTERCEPT -i wccp -p tcp -j REDIRECT --to-ports 3128
> > #END
> >
> > This script assumes the WCCP router is on the eth0 interface. Modify as
> > needed if your network layout is different.
> >
> > Regards
> > Henrik
> >
> >
>
Received on Tue Nov 14 2006 - 07:40:37 MST

This archive was generated by hypermail pre-2.1.9 : Fri Dec 01 2006 - 12:00:03 MST