Thanks Yuri -- I have thoroughly read Cisco IOS configuration manuals pertaining to WCCP2. From what I have read, there is no strict requirement for separate configurations for standard web-cache port 80 and dynamic service for non-port 80 — wccp2 dynamic services allow redirection of any ports (up to a total of 8), including port 80. As I’ve stated before, this was a working configuration in squid 3.3 at multiple sites. If there is a rationale for distinct wccp2 service configurations for port 80 vs other ports, I sure could use a reference that explains it.
As I’ve pointed out, there is a bug in Squid 3.4 that prevents specifying multiple TCP ports in the wccp2_service_info line. I’ve corrected that now in my sources. After fixing that bug, squid 3.4.12 is functioning with WCCP2 interception for port 80, 443, and others as it did in version 3.3.x.
Regards, Guy
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1Please, read Cisco iOS WCCPv2 manual first.This one:http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.htmland this one:http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html#wp1000955wccp web-cache uses port 80 by default. Other http ports is less thanpercentile on web-traffic.https requires another dynamic wccp service.Also, take a look on config example again.This is working configuration.03.03.15 23:21, Guy Helmer пишет:It has worked in the past with WCCP2 dynamic services at multiple sites.
I’ve uncovered the wccp2_service_info ports parsing error:
--- src/wccp2.cc.ORIG 2015-03-03 11:08:18.000000000 -0600 +++ src/wccp2.cc 2015-03-03 11:10:37.000000000 -0600 @@ -2264,7 +2264,10 @@ if (i >= WCCP2_NUMPORTS) { fatalf("parse_wccp2_service_ports: too many ports (maximum: 8) in list '%s'\n", options); } - int p = xatoi(tmp); + char copy[len + 1]; + memcpy(copy, tmp, len); + copy[len] = '\0'; + int p = xatoi(copy);
if (p < 1 || p > 65535) { fatalf("parse_wccp2_service_ports: port value '%s' isn't valid (1..65535)\n", tmp);
On Mar 3, 2015, at 11:06 AM, Yuri Voinov <yvoinov@xxxxxxxxx> wrote:
You cannot combine HTTP and HTTPS in one WCCP service.
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
03.03.15 23:04, Guy Helmer пишет:
This used to work in 3.3.x:
wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80,81,83,591,8008,8080,443
squid 3.4.12 fails: 2015/03/03 11:02:33.109| cache_cf.cc(556) parseOneConfigFile: Processing: wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_source priority=240 ports=80,81,83,591,8008,8080,443 2015/03/03 11:02:33.109| wccp2.cc(2298) parse_wccp2_service_info: parse_wccp2_service_info: called 2015/03/03 11:02:33.109| ERROR: Invalid value: '80,81,83,591,8008,8080,443' is supposed to be a number.
Any help?
Thanks, Guy _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----Version: GnuPG v2iQEcBAEBAgAGBQJU9e+SAAoJENNXIZxhPexGgN8H/iu2SiLdNehFyrVlK/1X2J4Xqa0cZMoJBYcmQYY2VhjaIGVSdO1RfHt1RP5RSEFgkAkdSH10zCSK6KrzK4eh6jrUFuze0mvACuQsi0CfwEQ2KO9gREeOpP7+QcqZ304zEdw2fFDT4YEDRBKhiYXtAYtKzR4oiNAlut5TWhwjHkmbvTADLWjp64gP0FggVEYIPvIBGYQqSKjE+JVRruiCSTtWTrbXjcwGNX7SA2gN3pl7pO+QcCwLdErzXnzc3E3ExCKW9uTB3VLKkK4BbK7uRBQXiKUsB/G9Ps8nAt08xK/puKL0fXJ1t//N8BXSrSkztTODQ/ckTBn772Dr2LJNv7Q==j/dZ-----END PGP SIGNATURE-----
|