Search squid archive

RE: Red Hat 5 - Squid 2.6 Stable 13 WCCP V2 and GRE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>lör 2007-06-09 klockan 08:28 -0500 skrev Van Der Hart, Kevin:
>> I am trying to get a transparent proxy working via WCCP V2 and am having
>> an issue. I am running Red Hat 5 fully updated. IP Forwarding is
>> enabled, RP_FILTER is disabled, the firewall is disabled. The kernel on
>> Red Hat 5 is 2.6.18 which is supposed to have the patched version of
>> ip_gre.

>It should..

>> My iptable entry is built to port map traffic on port 80 to 3128
>> and I have tested that it is working. The gre tunnel is online and I can
>> see traffic coming through the tunnel to port 80. The SYN packet comes
>> in but no SYN ACK ever leaves.

>Have you disabled rp_filter on the GRE interface? And is your iptables
>rule for intercepting port 80 active on the GRE interface?


# cat /proc/sys/net/ipv4/conf/gre1/rp_filter
0

# iptables -t nat -L PREROUTING
Chain PREROUTING (policy ACCEPT)
target     prot opt source     destination
REDIRECT   tcp  --  anywhere   anywhere     tcp dpt:http redir ports 3128

I have also tried removing the iptable entry and running Squid on port 80 and had the same results.

>Note: The SYN ACK should leave via the Ethernet, not the GRE. The GRE is
just for Router->Proxy traffic.

I have been running tcpdump on both the GRE and ETH interfaces and do not see the SYN ACK on either.

>> I placed a laptop on the same subnet as
>> the Linux machine and pointed my default route to the Linux machine. The
>> transparent proxying worked properly,I could surf the Internet, and I
>> saw the requests in my access.log file so I am confident that Squid is
>> configured properly for transparency.

>It is.

>Regards
>Henrik

Any other ideas that I should try?

Thanks for the response.

Kevin


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux