[squid-users] transparent Proxy with WCCP

From: Roland Roland <R_O_L_A_N_D_at_hotmail.com>
Date: Thu, 18 Dec 2008 16:20:35 +0200

Hi All,

I'm trying to get Squid to work as a transparent proxy on Fedora 10.

I've done the following settings with no luck:

- LAN Subnet: 192.168.0.0/24
- Cisco Router: 192.168.0.1
- Linux Proxy : 192.168.0.108
- Fedora 10
- Squid 3.0
- modprobe ip_gre << didn't give any output, thus module exists.
- Disabled firewall, and set default rule to accept all, on both
input/output/forwarding (just to get things started with no hassle)
-set SElinux management to permissive.

------------------added to Squid.conf:------------------

acl MyNet src 192.168.0.0/24
http_access allow MyNet (this is set before the deny all rule)
wccp_router 192.168.0.1
http_port 3128 transparent

------------------connectivity------------------

ip tunnel add wccp0 mode gre remote 192.168.0.1 local 192.168.0.108 dev eth0
ip addr add 192.168.0.108/24 dev wccp0
ip link set wccp0 up

iptables -t nat -A PREROUTING -i wccp0 -j REDIRECT -p tcp --to-port 80 <<--
to direct from GRE to port 80

------------------Cisco 2811 Router:------------------

conf t
ip wccp version 1
ip wccp web-cache

int vlan1 (Interface facing the itnernet)
ip wccp web-cache redirect out

int f0/1 (interface facing my LAN)
ip wccp web-cache redirect out

------------------sh ip wccp gives the following:------------------

Global WCCP information:
    Router information:
        Router Identifier: X.X.X.X (my router's PUblic IP)
        Protocol Version: 1.0

    Service Identifier: web-cache
        Number of Service Group Clients: 0
        Number of Service Group Routers: 1
        Total Packets s/w Redirected: 0
          Process: 0
          Fast: 0
          CEF: 0
        Redirect access-list: -none-
        Total Packets Denied Redirect: 0
        Total Packets Unassigned: 0
        Group access-list: -none-
        Total Messages Denied to Group: 0
        Total Authentication failures: 0
        Total Bypassed Packets Received: 0

 
Received on Thu Dec 18 2008 - 14:20:48 MST

This archive was generated by hypermail 2.2.0 : Thu Dec 18 2008 - 12:00:03 MST