os FreeBSD 4.2 cisco 3661 router
Steps in order to make my squid to work as transparent
proxy:
1. Configure squid with --enable-ipf-transparent option,
make and install it.
2. Configure kernel. Adding IP_FIREWALL,
FIREWALL_DEFAULT_TO_ACCEPT and IPFIREWALL_FORWARD
.
3. Configure cisco to redirect packets:
ip wccp version 1
ip wccp web-cache redirect-list fwd-2-squid
interface Serial3/0
bandwidth 256
ip address 213.189.206.130 255.255.255.252
ip access-group Ext-ip-in in
ip access-group Ext-ip-out out
no ip redirects
ip accounting output-packets
ip wccp redirect exclude in
ip audit AUDIT.1 in
ip route-cache flow
no ip mroute-cache
random-detect
!
ip access-list standard fwd-2-squid
deny 213.189.214.1 log
permit 213.189.214.0 0.0.0.255
deny any
4. Configure ipfw :
ipfw add allow all from any to any
ipfw add fwd 213.189.214.1,3128 tcp from any to any 80
5. Configure SQUID:
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Squid and cisco sees each other (messages in cosco log: i
see you, here I am).
But redirection doesn't work.
Any ideas?
Best regard,
Alexey
Received on Wed Jul 25 2001 - 22:32:06 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:19 MST