Thanks Adrian, however, I have a requirement to make this work on the my current version of squid (2.5) so WCCP v.1 will have to do. I enabled ip_forwarding (echo 1 > /proc/sys/net/ipv4/ip_forward), however I did not disable rp_filter. Do I need to do that on all interfaces? It looks like it is configurable per interface: webc2:~# find /proc -name rp_filter /proc/sys/net/ipv4/conf/eth1/rp_filter /proc/sys/net/ipv4/conf/eth0/rp_filter /proc/sys/net/ipv4/conf/default/rp_filter /proc/sys/net/ipv4/conf/all/rp_filter /proc/sys/net/ipv4/conf/lo/rp_filter Thanks, -- Chad On 11/13/06, Adrian Chadd <adrian@xxxxxxxxxxxxxxx> wrote:
On Mon, Nov 13, 2006, Chad Harrelson wrote: > I am trying DESPRATELY to get Cisco, Linux, WCCP, Squid, and ip_gre to > all play nicely together. I am running RHEL 3.1 with a 2.4.21-37.EL > kernel. Squid is version squid-2.5.STABLE3-6.3 Are you using WCCPv1 or WCCPv2? Squid-2.5 doesn't support WCCPv2 without some patching - and if you're going to patch I'd suggest just upgrading to Squid-2.6.STABLE5. > webc2:~# lsmod > Module Size Used by Not tainted > iptable_nat 22744 1 (autoclean) > ip_conntrack 29736 1 (autoclean) [iptable_nat] > ip_tables 16544 3 [iptable_nat] > ip_gre 11968 1 > > webc2:~# iptables -t nat -A PREROUTING -i gre0 -p tcp -m tcp --dport > 80 -j DNAT --to-destination 150.125.125.114:80 Make sure you've enabled ip routing/forwarding and disabled rp_filter in /proc . > webc2:~# cat /etc/squid/squid.conf > --trimmed-- > wccp_router 150.125.125.98 > http_port 80 > httpd_accel_host virtual > httpd_accel_port 80 > httpd_accel_with_proxy on > httpd_accel_uses_host_header on Looks good; but thats for wccpv1. An example working WCCPv2 config can be found in the Squid Wiki. Its for Squid-2.6 and WCCPv2. Adrian
