Hello, Thanks for your replies, Much details on my setup. I have : 1- Loaded ip_gre module in the kernel ( I didn't use ip_wccp module) 2- My Iptables redirection entry [root@svr ~]# iptables -nL -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 3128 3- My /etc/sysctl.conf # Controls IP packet forwarding net.ipv4.ip_forward = 1 # Controls source route verification net.ipv4.conf.default.rp_filter = 0 # Do not accept source routing net.ipv4.conf.default.accept_source_route = 0 # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 4- I have created enabled CEF on the outbound interface, and desabled cef routing on my router's network local interface (the one in the same net as the transparent proxy) ----------- resource policy ! mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ip subnet-zero ip wccp version 1 ip wccp web-cache ! ! no ip dhcp use vrf connected ! ! ip cef no ip ips deny-action ips-interface ! interface Ethernet0 ip address default-GW 255.255.255.xx no ip route-cache cef full-duplex ! interface FastEthernet0 ip address external.6 255.255.255.yy ip wccp web-cache redirect out speed auto full-duplex ! -------- I can see through tcpdump -i bond0 port 2048 that all the http packets going outside my network are sent by the router to the squid server, but they are not processed by squid. access.log is empty. It works for one second, and then stop, [root@cache ~]# tcpdump -i bond0 port 2048 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on bond0, link-type EN10MB (Ethernet), capture size 96 bytes 01:40:23.121220 IP cache.net.com.2048 > xxxx.33.2048: UDP, length 52 01:40:23.124210 IP xxxx.x.33.2048 > cache.net.com.2048: UDP, length 64 01:40:33.590158 IP cache.net.com.2048 > xxxx.33.2048: UDP, length 52 01:40:33.593084 IP xxxx.33.2048 > cache.net.com.2048: UDP, length 64 01:40:43.860186 IP cache.net.com.2048 > xxxx.33.2048: UDP, length 52 01:40:43.863289 IP xxxx.33.2048 > cache.net.com.2048: UDP, length 64 01:40:54.118201 IP cache.net.com.2048 > xxxx.33.2048: UDP, length 52 01:40:54.121165 IP xxxx.33.2048 > cache.net.com.2048: UDP, length 64 01:41:03.866463 IP cache.net.com.2048 > xxxx.33.2048: UDP, length 52 01:41:03.869469 IP xxxx.33.2048 > cache.net.com.2048: UDP, length 64 10 packets captured 10 packets received by filter 0 packets dropped by kernel [root@svr ~]# tail -f /var/log/squid/access.log 1141763404.652 5 66.219.100.118 TCP_DENIED/403 1442 POST http://66.219.100.118:25/ - NONE/- text/html 1141763404.709 0 66.219.100.118 TCP_DENIED/403 1424 CONNECT mx2.gawab.com:25 - NONE/- text/html 1141765495.830 2 69.93.201.244 TCP_DENIED/403 1484 GET http://195.24.216.45/w00tw00t.at.ISC.SANS.DFind:) - NONE/- text/html 1141769992.613 3 66.219.100.118 TCP_DENIED/403 1442 POST http://66.219.100.118:25/ - NONE/- text/html 1141769992.617 0 66.219.100.118 TCP_DENIED/403 1424 CONNECT mx2.gawab.com:25 - NONE/- text/html 1141783970.867 0 219.136.247.96 TCP_DENIED/403 1471 GET http://www.freeydz.com/proxy/prx1.php - NONE/- text/html 1141807200.078 0 206.113.108.11 TCP_DENIED/403 1484 GET http://195.24.216.45/w00tw00t.at.ISC.SANS.DFind:) - NONE/- text/html 1141825165.692 3 71.96.106.12 TCP_DENIED/403 1433 GET http://195.24.216.45/ - NONE/- text/html 1141834653.550 4 70.169.135.125 TCP_DENIED/403 1433 GET http://195.24.216.45/ - NONE/- text/html 1141839566.108 665 220.163.82.38 TCP_DENIED/403 1433 GET http://195.24.216.45/ - NONE/- text/html --------------------- Thanks for your much appreciated advice. Regards Dan On 3/10/06, Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> wrote: > fre 2006-03-10 klockan 16:06 -0800 skrev Daniel EPEE LEA: > > Hi Guys, > > > > I have configured a transparent proxy and I am having a hard time to > > get it to work, > > I run RHEL v4 + latest stable Squid 12 + cisco IOS 12.3.(14)T2 > > > > when my browser is configured with port 80 or 3128, it works, but it > > doesn work in transparent mode. Please advise me. > > > Don't break protocols, configure the browser to use the proxy. > > > The Squid FAQ contains howtos on how to set up transparent intercetion > in many different environment. Start by reading that. If you still have > issues please return describing a little more in detail what issues you > have, and what you have done. > > Regards > Henrik > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2.1 (GNU/Linux) > > iD8DBQBEEhfp516QwDnMM9sRAjmSAJ9MADgYBw17OxzWq9sR/JzrmEsFPwCfYLxU > D9sXPqdfU0XIEM6Qg6v4p+w= > =isXW > -----END PGP SIGNATURE----- > > >
