All
I know over the years there have been many posts about this subject but I'm
stuck
My architecture is as follows
10.0.0.1 --internal cisco router (Default Gateway) running wccp version 1
--PIX Firewall---
192.168.0.252 --squid cache (in DMZ)
I am trying to utilize the transparent proxy feature to redirect specific IP
Addresses at leisure to a specific site.
Currently, 2.4.18-3 linux kernel with ip_wccp and ip_gre modules loaded with
no errors
gre1 interface with IP Address 192.168.0.251 (configured as
wccp_outgoing_address)
Router and Squid communicating successfully:
WCCP Cache-Engine information:
IP Address: 192.168.0.251
Protocol Version: 0.4
State: Usable
Initial Hash Info: 00000000000000000000000000000000
00000000000000000000000000000000
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets Redirected: 96
Connect Time: 00:31:29
Packets are properly being redirected from the router's perspective.
The problem is that something (transparent proxy) doesn't seem to be
working.
I have followed the WCCP FAQ section to a "t" and added the appropriate
iptables rules and squid.conf settings
If I telnet from an internal client (10.0.0.46) to port 80 on my Squid box,
it gets properly recdirected to port 3128
when doing a tcpdump on my squid box, I see the GRE traffic from my router
when a client tries to connect, but I see reply traffic directly from the
intended HTTP server address to the client. Not sure if its not getting
NAT'd or what, but I also have no entries in my squid access.log. I am
totally stumped.
Any help is appreciated.
Thanks
Received on Sat Oct 04 2003 - 12:34:35 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:20:18 MST