Search squid archive

Re: [squid-users] Squid 2.5 and FreeBSD with Interception Caching

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, 1 Mar 2005, lakmal silva wrote:

FreeBSD 4.8 and WCCP as described in "Squid, the
definitive guide" by Duane Wessels. I followed exactly
the procedure given in the book but no luck so far.
The problem is, WCCP detects the squid server and
redirects packets to squid. But I don't see any logs
in the access log file. If I specifically point the
browsers to cache servers I get the entries in the
access logs. I also searched a lot on this in net and
tried many options, but ended up with the same result.
Interception is working fine for me in Redhat linux
9.0.

To help you diagnose where the problem may be the following components must all be working for WCCP interception to work

0. Squid needs to work proper when the browser is configured to use the proxy.

1. Squid and the router needs to be configured properly for WCCP. You can verify this in the router by verifying that the WCCP cache server is seen by the router and has assigned hash info.

2. The cache server OS needs to have support for WCCP/GRE decapsulation configured. You can verify this with tcpdump. When properly set tcpdump should see both WCCP/GRE packets arriving at the network interface and TCP/IP packets for port 80 on the corresponding GRE interface (or network interface if GRE is transparent with no virtual interface of it's own). If you see only WCCP/GRE packets then the WCCP/GRE decapsulation is most likely not working properl.

3. Once the decapsulation is working your OS-level firewall needs to have proper rules for redirecting the port-80 traffic to Squid. When all of 1,2, and 3 is working all traffic will be delivered to Squid and you should see either the requested site or an error message from Squid.

4. Squid needs to be properly configured for interception proxying. See FAQ. You can verify this by first verifying that the URLs logged in access.log is exacly what you requested including host name even when the browser both when the browser is configured to use the proxy and when it is not configured to use the proxy, second by using telnet (or a dumb HTTP/1.0 client) sending a request without a Host header

   telnet www.squid-cache.org
   GET / HTTP/1.0
   [blank line]

Should give you www.squid-cache.org index page, and http://206.168.0.9/ logged in Squid access.log.

Regards
Henrik
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux