Search squid archive

RE: Red Hat 5 - Squid 2.6 Stable 13 WCCP V2 and GRE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 I have determined what is happening but am not sure what to do to fix the problem. I ran tcpdump on my client and it sent 3 SYN requests. I saw 378 SYN requests come in my GRE interface and saw 375 SYN requests go out my ETH interface with a source IP of the client address. Since the source address is not the Squid machine, WCCP is sending them back to me again. Is Linux forwarding these packets acting as a router or does Squid use the client IP address in its request to contact the real web server?

Thanks,

Kevin

-----Original Message-----
From: Van Der Hart, Kevin [mailto:kvanderhart@xxxxxxxxxxxxxx] 
Sent: Monday, June 11, 2007 10:09 AM
To: Henrik Nordstrom
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: RE:  Red Hat 5 - Squid 2.6 Stable 13 WCCP V2 and GRE


>lör 2007-06-09 klockan 08:28 -0500 skrev Van Der Hart, Kevin:
>> I am trying to get a transparent proxy working via WCCP V2 and am having
>> an issue. I am running Red Hat 5 fully updated. IP Forwarding is
>> enabled, RP_FILTER is disabled, the firewall is disabled. The kernel on
>> Red Hat 5 is 2.6.18 which is supposed to have the patched version of
>> ip_gre.

>It should..

>> My iptable entry is built to port map traffic on port 80 to 3128
>> and I have tested that it is working. The gre tunnel is online and I can
>> see traffic coming through the tunnel to port 80. The SYN packet comes
>> in but no SYN ACK ever leaves.

>Have you disabled rp_filter on the GRE interface? And is your iptables
>rule for intercepting port 80 active on the GRE interface?


# cat /proc/sys/net/ipv4/conf/gre1/rp_filter
0

# iptables -t nat -L PREROUTING
Chain PREROUTING (policy ACCEPT)
target     prot opt source     destination
REDIRECT   tcp  --  anywhere   anywhere     tcp dpt:http redir ports 3128

I have also tried removing the iptable entry and running Squid on port 80 and had the same results.

>Note: The SYN ACK should leave via the Ethernet, not the GRE. The GRE is
just for Router->Proxy traffic.

I have been running tcpdump on both the GRE and ETH interfaces and do not see the SYN ACK on either.

>> I placed a laptop on the same subnet as
>> the Linux machine and pointed my default route to the Linux machine. The
>> transparent proxying worked properly,I could surf the Internet, and I
>> saw the requests in my access.log file so I am confident that Squid is
>> configured properly for transparency.

>It is.

>Regards
>Henrik

Any other ideas that I should try?

Thanks for the response.

Kevin
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux