[squid-users] Problem on transparent proxy, setting up gre tunnel on Fedora

From: Jian Wang <jianw32@dont-contact.us>
Date: Thu, 31 Jan 2008 02:41:27 -0600

Hi,

I have trouble setting up the gre tunnel.
Searching on the archived email database, I found following link
describing similiar question:
http://www.squid-cache.org/mail-archive/squid-users/200504/0567.html

I tried as suggested in above link, but failed.
> modprobe ip_gre
   This command is ok
> ip tunnel add wccp mode gre remote ip.of.your.router dev ethX
   my command is: "iptunnel add gre0 mode gre remote 192.168.4.1 local
192.168.1.100 dev eth0"
   and the result is:
ioctl: No buffer space available

What does this mean?
Does this means gre0 is already there and I can not add a same gre0 tunnel?
And the command "iptunnel change gre0 mode gre ..." command failed with:
ioctl: No such file or directory

Then I tried "iptunnel add gre1 mode gre remote 192.168.4.1 local
192.168.1.100 dev eth0", where 192.168.4.1 is my router's identifier
and 192.168.1.100 is the Fedora server where my squid is sitting on.
Now the command is succesfull and bringing up a iptunnel gre1.

And my iptable command is:
iptables -t nat -A PREROUTING -s 192.168.0.0/16 -i gre1 -p tcp --dport
80 -j REDIRECT --to-port 3128

However, the two interfaces shown by "ifconfig -a" are:
gre0 Link encap:UNSPEC HWaddr
00-00-00-00-A3-BF-C8-E7-00-00-00-00-00-00-00-00
         UP RUNNING NOARP MTU:1476 Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
gre1 Link encap:UNSPEC HWaddr
C0-A8-01-64-A3-BF-C8-E7-00-00-00-00-00-00-00-00
         UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Also I tried "tcpdump -n -i gre1 ip proto gre", there are warnings
(are they indicating something?) there:
tcpdump: WARNING: arptype 778 not supported by libpcap - falling back
to cooked socket
tcpdump: WARNING: gre1: no IPv4 address assigned
Then no packets are captured by this command

All of above seem to indicate none of the two tunnels is capturing
anything, right?

On the other hand, "tcpdump -n -i eth0 ip proto gre" does capture packets like:
IP 192.168.4.1 > 192.168.1.100: GREv0, length 68: gre-proto-0x883e

Finally, here is my linux version:
# uname -a
Linux HOST 2.6.22.14-72.fc6

What's wrong with my configuration? The squid side seems to work fine
when I don't use transparent proxy, namely, when I configure proxy
server in browsers of client side, the squid access.log records all
the succesfully access to squid.
Thanks a lot.
Sinecerely,
Jianw
Received on Thu Jan 31 2008 - 01:41:30 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST