[squid-users] Squid and WCCP

From: Ian <barnracoon@dont-contact.us>
Date: Tue, 28 Aug 2007 21:12:51 +0200

Hi,

I am trying to get Squid working with my Cisco router. How it works is
network flows through my unit and enters the Cisco on FE0. Below are
copies of both configurations which seem correct, yet the whole setup
doesn't work correctly, which is my question: why not? Is everything
correct and just the physical layout, or is my configuration wrong?

I am running Version 2.6.STABLE13+ICAP on FreeBSD 4.11.

half_closed_clients off
wccp2_router 10.10.250.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
#tcp_outgoing_address
append_domain .domain.com
http_port 3128 transparent
icp_port 3130
#htcp_port 0
cache_mem 32 MB
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 21 70 80 210 443 488 591 777 1025-65535
acl CONNECT method CONNECT
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_swap_low 90
cache_swap_high 96
maximum_object_size 32768 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB
ipcache_size 10240
ipcache_low 90
ipcache_high 95
fqdncache_size 10240
log_fqdn off
memory_pools off
cache_replacement_policy heap GDSF
#memory_replacement_policy heap LFUDA
memory_replacement_policy lru
#cache_replacement_policy lru
cache_dir ufs /mnt/cache 12000 16 256
log_mime_hdrs on
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt %>st
cache_access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /usr/local/squid/logs/squid.pid
store_dir_select_algorithm round-robin
debug_options ALL,1
ftp_user admin@
ftp_passive on
dns_timeout 50 seconds
quick_abort_min 10 kb
quick_abort_pct 50%
quick_abort_max 1024 kb
negative_ttl 2 minute
range_offset_limit 0 KB
connect_timeout 20 second
#cache_peer
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all
# And finally deny all other access to this proxy
icp_access allow all
cache_mgr support@domain.com
cache_effective_user nobody
cache_effective_group nobody
visible_hostname my.domain.com
#dns_testnames netscape.com internic.net nlanr.net microsoft.com
dns_testnames localhost
forwarded_for on
ie_refresh on
acl localSnmp snmp_community public
snmp_port 3401
snmp_access allow localSnmp localhost
snmp_access deny all
snmp_incoming_address 0.0.0.0
snmp_outgoing_address 255.255.255.255
peer_connect_timeout 30 seconds
dead_peer_timeout 30 seconds
httpd_suppress_version_string = on
collapsed_forwarding off
dns_defnames off

Now here are the extracts from sh run on the cisco:
interface FastEthernet0
 ip address 10.10.250.1 255.255.0.0
 ip wccp web-cache redirect in
 ip nat inside
 ip nat enable
 ip virtual-reassembly
 ip tcp adjust-mss 1412
 duplex auto
 speed auto
!

Any ideas as to what is wrong? Squid registers with the
router, but the traffic never gets to the cache and web stops working
should the user match the ACL list.

Thanks in advance,
Ian
Received on Tue Aug 28 2007 - 13:20:20 MDT
