[squid-users] changing access-list in Traffic redirection from L3 switch to squid?

From: Mark jensen <ngiw2012_at_hotmail.com>
Date: Mon, 7 Jul 2014 10:32:47 +0000

I have configure my L3 switch to redirect the HTTP traffic to squid box:

from squid-wiki:
!
interface Ethernet0
 description To Office Ethernet
 ip address ROUTERIP 255.255.255.0
 no ip directed-broadcast
 no ip mroute-cache
 ip policy route-map proxy-redir
!
access-list 110 deny tcp host SQUIDIP any eq www
access-list 110 permit tcp any any eq www
route-map proxy-redir permit 10
 match ip address 110
 set ip next-hop SQUIDIP

but nothing is redirected, so I thought that I can try to change the access-list above to something like that(and don't change any thing else):

access-list 10 permit 192.168.1.0 0.0.0.255
route-map proxy-redir permit 10
 match ip address 10

(192.168.1.0 is the clients Network)

my questions are:

1 - I don't understand the logic of the default access-list,What does it do to redirect HTTP traffic (why we deny tcp packet from squid?)
and why redirection didn't work?

2- Is my suggestion will work for redirection?

                                               
Received on Mon Jul 07 2014 - 10:32:55 MDT

This archive was generated by hypermail 2.2.0 : Mon Jul 07 2014 - 12:00:04 MDT