Re: [squid-users] ISP-style Transparent Proxy

From: Nick Bright <nick.bright_at_valnet.net>
Date: Wed, 07 Nov 2012 18:06:25 -0600

On 11/7/2012 4:43 PM, Eliezer Croitoru wrote:
> On 11/8/2012 12:35 AM, Nick Bright wrote:
>> I'm new to WCCP, so I'll need to figure out how to make that
>> determination. Any advice on doing so would be appreciated.
> Take a look at:
> http://wiki.squid-cache.org/ConfigExamples/UbuntuTproxy4Wccp2
> that I wrote which works on almost the same IOS and the same model.
>
> Regards,
> Eliezer
>

A nice, concise, write up. I'm doing almost exactly that, except without
the firewall on the front end (there's no NAT anywhere).

The primary difference that I see is on the Cisco configuration. I
reconfigured my test router to match the configuration in your example
(modifying 10.80.3.0/24 to match my testing subnet), but packets weren't
being redirected to the cache at all - no hits showing on the access-list.

When I moved the statements:

  ip wccp 80 redirect out
  ip wccp 90 redirect in

from the interface facing the clients to be cached, to the interface
facing the internet, it started redirecting clients to the cache and
everything now (appears!) to be working properly as a transparent tproxy
cache!

This is with the Squid package 3.1.10 in CentOS-6 upstream.

I'm going to re-do the setup again and reconfirm my results, then I'll
post a CentOS-6 writeup on the wiki.

-- 
-----------------------------------------------
-  Nick Bright                                -
-  Vice President of Technology               -
-  Valnet -=- We Connect You -=-              -
-  Tel 888-332-1616 x 315 / Fax 620-331-0789  -
-  Web http://www.valnet.net/                 -
-----------------------------------------------
- Are your files safe?                        -
- Valnet Vault - Secure Cloud Backup          -
- More information & 30 day free trial at     -
- http://www.valnet.net/services/valnet-vault -
-----------------------------------------------

Received on Thu Nov 08 2012 - 00:06:37 MST

This archive was generated by hypermail 2.2.0 : Fri Nov 09 2012 - 12:00:03 MST