Re: [squid-users] WCCP doesn't seem to work

Hi !
U should use iptables instead ipchains.
iptables -t nat -A PREROUTING -i gre0 -p tcp --dport 80 -j
REDIRECT --to-port 3128

and some command for your squid.conf:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

And if you use sub interface setting in your router (for your squid
machine), you should add this line on your squid interface:

no ip mroute-cache

----- Original Message -----
From: "Chris Debono" <chris@telemail.com.mt>
To: "Deniz Aydemir" <aydemird@yahoo.com>; "Michael Wise"
<mwise@buscominc.com>; <squid-users@squid-cache.org>
Sent: Thursday, July 25, 2002 1:46 PM
Subject: RE: [squid-users] WCCP doesn't seem to work

> Hi
>
> I seem to have a similar problem too. My router is redirecting packets
> to the squid box but I get an error when I try to access a web page and
> the entry does not come in access.log. here is a copy of my configs. I
> also noticed that when I do a netstat -i -v, I get packets recived on
> the gre0 interface but not transmitted. I cannot figure out what is
> wrong. ip_gre.c patched version is attached. Squid version is latest RPM
> provided by RH7.3 and machine is fully updated. IPchains should be
> working fine because when I set the gateway of workstation to the squid
> machine, the squid works well.
>
> Chris
>
>
>
> Kernel Interface table
> Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP
> TX-OVR Flg
> eth1 1500 0 15871 2 0 0 9150 6 0
> 0 BMRU
> gre0 1476 0 328 0 0 0 0 0 0
> 0 ORU
> lo 16436 0 54 0 0 0 54 0 0
> 0 LRU
>
>
> Show ip wccp
>
> gate1#show ip wccp
> Global WCCP information:
> Router information:
> Router Identifier: 62.240.54.5
> Protocol Version: 1.0
>
> Service Identifier: web-cache
> Number of Cache Engines: 1
> Number of routers: 1
> Total Packets Redirected: 445
> Redirect access-list: -none-
> Total Packets Denied Redirect: 0
> Total Packets Unassigned: 0
> Group access-list: -none-
> Total Messages Denied to Group: 0
> Total Authentication failures: 0
>
>
> tcpdump: listening on gre0
> 08:46:44.175592 < 883e 62:
> 4500 0028 03be 4000 7f06 06c3 3ef0 361c
> cf44 acfe 041f 0050 0490 f867 b99a 527b
> 5010 40b0 7058 0000 0000 0000 0000
> 08:46:44.175976 < 883e 326:
> 4500 0136 03bf 4000 7f06 05b4 3ef0 361c
> cf44 acfe 041f 0050 0490 f867 b99a 527b
> 5018 40b0 b15c 0000 4745 5420 2f20 4854
> 5450 2f31 2e31 0d0a 4163 6365 7074 3a20
> 2a2f 2a0d 0a41 6363 6570 742d 4c61 6e67
> 08:46:47.143164 < 883e 326:
> 4500 0136 03c2 4000 7f06 05b1 3ef0 361c
> cf44 acfe 041f 0050 0490 f867 b99a 527b
> 5018 40b0 b15c 0000 4745 5420 2f20 4854
> 5450 2f31 2e31 0d0a 4163 6365 7074 3a20
> 2a2f 2a0d 0a41 6363 6570 742d 4c61 6e67
> 08:46:47.394931 < 883e 62:
> 4500 0028 03c4 4000 7f06 06bd 3ef0 361c
> cf44 acfe 041f 0050 0490 f975 b99a 527b
> 5010 40b0 6f4a 0000 0000 0000 0000
> 08:46:53.151815 < 883e 326:
> 4500 0136 03c6 4000 7f06 05ad 3ef0 361c
> cf44 acfe 041f 0050 0490 f867 b99a 527b
> 5018 40b0 b15c 0000 4745 5420 2f20 4854
> 5450 2f31 2e31 0d0a 4163 6365 7074 3a20
> 2a2f 2a0d 0a41 6363 6570 742d 4c61 6e67
> 08:47:02.502135 < 883e 62:
> 4500 0028 8805 4000 7f06 a26a 3ef0 3622
> a88f b3be 9e88 0050 0017 7416 9f37 56fa
> 5010 205c b4e0 0000 2020 2020 2020
> 08:47:02.919463 < 883e 62:
> 4500 0028 8905 4000 7f06 a16a 3ef0 3622
> a88f b3be 9e88 0050 0017 7416 9f37 56fa
> 5004 0000 d548 0000 2020 2020 2020
> 08:47:02.925994 < 883e 62:
> 4500 0028 8a05 4000 7f06 74bb 3ef0 3622
> c316 c4e6 9e80 0050 0017 33f2 9f37 56fa
> 5004 0000 e9c5 0000 2020 2020 2020
> 08:47:02.932585 < 883e 62:
> 4500 0028 8b05 4000 7f06 743c 3ef0 3622
> c316 c465 9e7a 0050 0016 e5b2 9f37 56fa
> 5004 0000 388d 0000 2020 2020 2020
> 08:47:02.939232 < 883e 62:
> 4500 0028 8c05 4000 7f06 733c 3ef0 3622
> c316 c465 9e79 0050 0016 e29f de63 f74b
> 5004 0000 5c23 0000 2020 2020 2020
> 08:47:03.876911 < 883e 62:
> 4500 0028 8d05 0000 7f06 dd6a 3ef0 3622
> a88f b3be 9e88 0050 0017 7416 0017 7416
> 5004 0000 574d 0000 2020 2020 2020
> 08:47:05.169041 < 883e 326:
> 4500 0136 03cc 4000 7f06 05a7 3ef0 361c
> cf44 acfe 041f 0050 0490 f867 b99a 527b
> 5018 40b0 b15c 0000 4745 5420 2f20 4854
> 5450 2f31 2e31 0d0a 4163 6365 7074 3a20
> 2a2f 2a0d 0a41 6363 6570 742d 4c61 6e67
> 08:47:06.569800 < 883e 62:
> 4500 0028 8e05 0000 7f06 dc6a 3ef0 3622
> a88f b3be 9e88 0050 0017 7416 0017 7416
> 5004 0000 574d 0000 2020 2020 2020
>
>
>
>
>
>
> -----Original Message-----
> From: Deniz Aydemir
> Sent: Thu 7/25/2002 4:34 AM
> To: Michael Wise; squid-users@squid-cache.org
> Cc:
> Subject: Re: [squid-users] WCCP doesn't seem to work
> can you send the tcpdump results of ports 80 3128 and
> 2048 on squid box and ip wccp debug results on your
> router and browser error msg.
> thanks
> deniz aydemir
>
> --- Michael Wise <mwise@buscominc.com> wrote:
> > I have set up a Cisco router and a Squid box running
> > squid-2.4STABLE1 to
> > use wccp for transparent proxy. I have compiled and
> > loaded the ip_wccp
> > module. The router is using wccpv1. It sees squid
> > and forwards packets
> > to it. I have set the iptables to redirect port 80
> > to port 3128. Its
> > seems to be catching those packets and redirecting
> > them. If this is in
> > place no one can use the web and nothing shows up in
> > the squid logs. The
> > acls are set to allow all. If I point a web browser
> > to squid port 3128,
> > everything works. I would appreciate any help. If
> > more information is
> > needed, let me know.
> >
> > Michael;
> >
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Health - Feel better, live better
> http://health.yahoo.com
>
>
>
>
>
Received on Thu Jul 25 2002 - 23:06:59 MDT