If this question has been answered before, can someone at least point me in
the right direction?
> We recently deployed a squid server with tproxy and wccp. I followed some of
> the steps listed at
> http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY,
> compiling tproxy support on iptables, squid, and recompiling the linux
> kernel with tproxy support. We able to browse all sites with, but receive
> timeouts after logging into gmail or hotmail. Yahoo mail seems to works.
>
> Can anyone point me in the right direction, and tell me what I may be doing
> wrong. BTW, we are using PIX for wccp, and have compiled ip_wccp.
>
> Squid Conf:
>
> debug_options ALL,1
> http_port 3128 transparent
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl apache rep_header Server ^Apache
> broken_vary_encoding allow apache
> access_log /var/log/squid/access.log squid
> hosts_file /etc/hosts
> log_fqdn on
> cache_dir ufs /var/spool/squid 2048 16 256
> refresh_pattern ^ftp: 1440 20% 10080
> refresh_pattern ^gopher: 1440 0% 1440
> refresh_pattern . 0 20% 4320
> acl EDN src X.X.X.X/X
> acl all src 0.0.0.0/0.0.0.0
> acl CONNECT method CONNECT
> visible_hostname mirror2.pelco.org
> http_access allow all
> http_reply_access allow all
>
> visible_hostname mirror2.pelco.org
> coredump_dir /var/spool/squid
> always_direct allow all
> # memory mgmt ----------
> #cache_mem 100 MB
> #maximum_object_size 10 MB
> #-----------------------
> cache_effective_user squid
>
> # WCCP
> wccp2_router x.x.x.x
> wccp2_service standard 0
>
> iptables:
> iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j TPROXY
> --on-port 3128
>
>
> Confidentiality Notice:
> The information contained in this transmission is legally
> privileged and confidential, intended only for the use of the
> individual(s) or entities named above. This email and any files
> transmitted with it are the property of Pelco. If the reader of
> this message is not the intended recipient, or an employee or agent
> responsible for delivering this message to the intended recipient,
> you are hereby notified that any review, disclosure, copying,
> distribution, retention, or any action taken or omitted to be taken
> in reliance on it is prohibited and may be unlawful. If you receive
> this communication in error, please notify us immediately by
> telephone call to +1-559-292-1981 or forward the e-mail to
> administrator@pelco.com and then permanently delete the e-mail and
> destroy all soft and hard copies of the message and any
> attachments. Thank you for your cooperation.
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST