Re: [squid-users] WCCP issue from Masood Ahmad Shah on 2003-09-11 (squid-users)

From: Masood Ahmad Shah <masood@dont-contact.us>
Date: Fri, 12 Sep 2003 10:30:20 +0500
you have misunderstand my words. I said no need to block WCCP proxy traffic
regarding redirecting becoz cisco router does not route proxy packet. If a
proxy is listed in wccp.
-- 
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
|   * * * * * * * * * * * * * * * * * * * * * * * *
|   Fibre Net (Pvt) Ltd. Lahore, Pakistan
|   Tel: +92-42-6677024
|   Mobile: +92-300-4277367
|   http://www.fibre.net.pk
|   * * * * * * * * * * * * * * * * * * * * * * * *
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
----- Original Message ----- 
From: "Awie" <awie@eksadata.com>
To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
<squid-users@squid-cache.org>
Sent: Thursday, September 11, 2003 8:24 PM
Subject: Re: [squid-users] WCCP issue
| Masood,
|
| Do you mean I can remove the both standard and extend access-list? Would
you
| give me the IOS sample?
|
| I used the same IOS command as my last succesfull setting that using both
| access-list.
|
| Thx & Rgds,
|
| Awie
|
| ----- Original Message -----
| From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
| To: "Awie" <awie@eksadata.com>; "Squid-users"
<squid-users@squid-cache.org>
| Sent: Thursday, September 11, 2003 9:18 PM
| Subject: Re: [squid-users] WCCP issue
|
|
| > if you are using wccp then no need to deny Squid box ip in
| redirect-to-squid
| > access list. becoz cisco router does not route wccp cache to traffic to
| wccp
| > cache.
| >
| > --
| >
| > Best Regs,
| > Masood Ahmad Shah
| > System Administrator
| >
| > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > |   Fibre Net (Pvt) Ltd. Lahore, Pakistan
| > |   Tel: +92-42-6677024
| > |   Mobile: +92-300-4277367
| > |   http://www.fibre.net.pk
| > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > Unix is very simple, but it takes a genius to understand the simplicity.
| > (Dennis Ritchie)
| >
| > ----- Original Message -----
| > From: "Awie" <awie@eksadata.com>
| > To: "Squid-users" <squid-users@squid-cache.org>
| > Sent: Thursday, September 11, 2003 5:43 PM
| > Subject: [squid-users] WCCP issue
| >
| >
| > | All,
| > |
| > | I was succesfull to run WCCP with my old box (Linux 2.2.19 and Squid
| > 2.3.S4)
| > | using WCCP patch of Joe Copper.
| > |
| > | Now, I use new version of Linux 2.4.21 and Squid 2.4S7 and Cisco 3660
| with
| > | IOS 12.1. The router did not work well to redirect the packets. Below
| the
| > | messages in Linux box and Cisco Router as well.
| > |
| > |
| > | # lsmod
| > |
| > | Module               Size      Used by        Not Tainted
| > | ipt_REDIRECT    1408         1               (autoclean)
| > | ip_wccp             1456         0                (unused)
| > |
| > |
| > | dpr-gtw-01#sh ip wccp
| > | Global WCCP information:
| > |     Router information:
| > |         Router Identifier:                   aaa.aaa.aaa.aaa
| > |         Protocol Version:                    1.0
| > |
| > |     Service Identifier: web-cache
| > |         Number of Cache Engines:             1
| > |         Number of routers:                   1
| > |         Total Packets Redirected:            14159
| > |         Redirect access-list:                redirect-to-squid
| > |         Total Packets Denied Redirect:       17336
| > |         Total Packets Unassigned:            222478
| > |         Group access-list:                   squid-cache
| > |         Total Messages Denied to Group:      0
| > |         Total Authentication failures:       0
| > |
| > | Herewith IOS setting :
| > |
| > | !
| > | ip wccp version 1
| > | ip wccp web-cache redirect-list redirect-to-squid group-list
squid-cache
| > | !
| > | !
| > | interface Serial1/0
| > | Bla..bla...bla.....
| > | ip wccp web-cache redirect out
| > | !
| > | interface Serial1/1
| > | Bla..bla...bla.....
| > | ip wccp web-cache redirect out
| > | !
| > | !
| > | ip access-list standard squid-cache
| > |  permit ip.of.my.Squid
| > | !
| > | ip access-list extended redirect-to-squid
| > |  deny   tcp host ip.of.my.squid any eq www
| > |  permit ip my.subnet.block.list any
| > |  deny   tcp any any eq www
| > | !
| > | !
| > | !
| > |
| > | FYI, I have 2 Internet links that attached to both serial of router.
| > |
| > | Why did the router display lines below?
| > | What does the packet unassigned mean? Is it any non-HTTP packet?
| > |
| > | Total Packets Denied Redirect:       17336
| > | Total Packets Unassigned:            222478
| > |
| > | Your answer is very appreciated and waited for.
| > |
| > | Thx & Rgds,
| > |
| > | Awie
| > |
| > |
| > |
| > |
| >
|
|
Received on Thu Sep 11 2003 - 23:30:42 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:40 MST