Kumar, The commands on the router are: Ip wccp version 1 Ip wccp web cache There are no other rules in iptables, I am trying to create a transparent proxy from scratch so this is the only project for this box. Thanks, Bryan -----Original Message----- From: Raj Kumar Gurung [mailto:rajkumar@xxxxxxxxxxxxx] Sent: September 15, 2005 10:56 PM To: Shoebottom, Bryan Subject: Re: WCCP and iptables Do you have other IPTABLES rules in your box ? And whats your cisco command there ? uglyjoe79 Shoebottom, Bryan wrote: >Kumar, > >Thanks for the info. These are the commands I have been using to try to >get this working, but have not been successful. I rebooted the box and >started the network config from scratch copying and pasting your >commands, replacing the appropriate values of course. But still on the >cisco router I get the same info from the "show ip wccp web-cache >detail" command. > >When I do a packet capture, I can see that the router hands the cache >server all the buckets, but when the cache server replies it shows all >buckets as unassigned. > >Also, with this command in iptables, should I not be able to telnet to >port 80 on the box and be redirected to port 3128? When I try this >"telnet localhost 80" I get a connection refused. > >Thanks, >Bryan > > > >-----Original Message----- >From: Raj Kumar Gurung [mailto:rajkumar@xxxxxxxxxxxxx] >Sent: September 15, 2005 2:05 AM >To: Shoebottom, Bryan >Subject: Re: WCCP and iptables > >For GRE interception , i have used : >insmod ip_gre >iptunnel add gre1 mode gre remote* router-IP* local *squid-box-IP* dev >eth*X* >ifconfig gre1 127.0.0.2 up > >Also check it the the traffic to port 80 is redirected to the squid >port.You can try iptables itself for that... >iptables -A PREROUTING -i eth*X* -p tcp -m tcp --dport 80 -j REDIRECT >--to-ports 3128 > >I hope it works.. > >uglyjoe79 > >Shoebottom, Bryan wrote: > > > >>Hello, >> >>I am using linux 2.4.31 with ip_gre and cannot seem to get the wccp v1 >> >> >connection to work completely between my router and the squid cache. >Here is what I am getting on the router: > > >>MDIST#sho ip wcc we det >>WCCP Cache-Engine information: >> Web Cache ID: 0.0.0.0 >> Protocol Version: 0.4 >> State: Usable >> Redirection: GRE >> Packet Return: GRE >> Assignment: HASH >> Initial Hash Info: 00000000000000000000000000000000 >> 00000000000000000000000000000000 >> Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF >> FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF >> Hash Allotment: 256 (100.00%) >> Packets Redirected: 15 >> Connect Time: 03:16:30 >> >>MDIST#sho ip wcc we view >> WCCP Routers Informed of: >> -none- >> >> WCCP Cache Engines Visible: >> 10.10.144.2 >> >> WCCP Cache Engines NOT Visible: >> -none- >> >>MDIST# >> >>Even though it is redirecting traffic, the cache can't/doesn't >> >> >acknowledge it. I am sure this is a problem with my gre tunnel (if I >even need one) and my firewall configuration. Can someone send me their >firewall and gre tunnel config? > > >>Thanks, >>Bryan >> >> >> >> >> >> >> > > > > >
