[squid-users] Transparent proxy trouble [2]

From: Alexey A. Britchko <raven@dont-contact.us>
Date: Thu, 26 Jul 2001 10:32:01 +0600

os FreeBSD 4.2 cisco 3661 router

Steps in order to make my squid to work as transparent
proxy:
1. Configure squid with --enable-ipf-transparent option,
make and install it.
2. Configure kernel. Adding IP_FIREWALL,
FIREWALL_DEFAULT_TO_ACCEPT and IPFIREWALL_FORWARD
.
3. Configure cisco to redirect packets:

ip wccp version 1
ip wccp web-cache redirect-list fwd-2-squid
interface Serial3/0
 bandwidth 256
 ip address 213.189.206.130 255.255.255.252
 ip access-group Ext-ip-in in
 ip access-group Ext-ip-out out
 no ip redirects
 ip accounting output-packets
 ip wccp redirect exclude in
 ip audit AUDIT.1 in
 ip route-cache flow
 no ip mroute-cache
 random-detect
!
ip access-list standard fwd-2-squid
 deny 213.189.214.1 log
 permit 213.189.214.0 0.0.0.255
 deny any

4. Configure ipfw :
ipfw add allow all from any to any
ipfw add fwd 213.189.214.1,3128 tcp from any to any 80

5. Configure SQUID:
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Squid and cisco sees each other (messages in cosco log: i
see you, here I am).
But redirection doesn't work.

Any ideas?

Best regard,
Alexey
Received on Wed Jul 25 2001 - 22:32:06 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:19 MST