you have misunderstand my words. I said no need to block WCCP proxy traffic
regarding redirecting becoz cisco router does not route proxy packet. If a
proxy is listed in wccp.
-- Best Regs, Masood Ahmad Shah System Administrator ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ | * * * * * * * * * * * * * * * * * * * * * * * * | Fibre Net (Pvt) Ltd. Lahore, Pakistan | Tel: +92-42-6677024 | Mobile: +92-300-4277367 | http://www.fibre.net.pk | * * * * * * * * * * * * * * * * * * * * * * * * ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie) ----- Original Message ----- From: "Awie" <awie@eksadata.com> To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users" <squid-users@squid-cache.org> Sent: Thursday, September 11, 2003 8:24 PM Subject: Re: [squid-users] WCCP issue | Masood, | | Do you mean I can remove the both standard and extend access-list? Would you | give me the IOS sample? | | I used the same IOS command as my last succesfull setting that using both | access-list. | | Thx & Rgds, | | Awie | | ----- Original Message ----- | From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk> | To: "Awie" <awie@eksadata.com>; "Squid-users" <squid-users@squid-cache.org> | Sent: Thursday, September 11, 2003 9:18 PM | Subject: Re: [squid-users] WCCP issue | | | > if you are using wccp then no need to deny Squid box ip in | redirect-to-squid | > access list. becoz cisco router does not route wccp cache to traffic to | wccp | > cache. | > | > -- | > | > Best Regs, | > Masood Ahmad Shah | > System Administrator | > | > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ | > | * * * * * * * * * * * * * * * * * * * * * * * * | > | Fibre Net (Pvt) Ltd. Lahore, Pakistan | > | Tel: +92-42-6677024 | > | Mobile: +92-300-4277367 | > | http://www.fibre.net.pk | > | * * * * * * * * * * * * * * * * * * * * * * * * | > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ | > Unix is very simple, but it takes a genius to understand the simplicity. | > (Dennis Ritchie) | > | > ----- Original Message ----- | > From: "Awie" <awie@eksadata.com> | > To: "Squid-users" <squid-users@squid-cache.org> | > Sent: Thursday, September 11, 2003 5:43 PM | > Subject: [squid-users] WCCP issue | > | > | > | All, | > | | > | I was succesfull to run WCCP with my old box (Linux 2.2.19 and Squid | > 2.3.S4) | > | using WCCP patch of Joe Copper. | > | | > | Now, I use new version of Linux 2.4.21 and Squid 2.4S7 and Cisco 3660 | with | > | IOS 12.1. The router did not work well to redirect the packets. Below | the | > | messages in Linux box and Cisco Router as well. | > | | > | | > | # lsmod | > | | > | Module Size Used by Not Tainted | > | ipt_REDIRECT 1408 1 (autoclean) | > | ip_wccp 1456 0 (unused) | > | | > | | > | dpr-gtw-01#sh ip wccp | > | Global WCCP information: | > | Router information: | > | Router Identifier: aaa.aaa.aaa.aaa | > | Protocol Version: 1.0 | > | | > | Service Identifier: web-cache | > | Number of Cache Engines: 1 | > | Number of routers: 1 | > | Total Packets Redirected: 14159 | > | Redirect access-list: redirect-to-squid | > | Total Packets Denied Redirect: 17336 | > | Total Packets Unassigned: 222478 | > | Group access-list: squid-cache | > | Total Messages Denied to Group: 0 | > | Total Authentication failures: 0 | > | | > | Herewith IOS setting : | > | | > | ! | > | ip wccp version 1 | > | ip wccp web-cache redirect-list redirect-to-squid group-list squid-cache | > | ! | > | ! | > | interface Serial1/0 | > | Bla..bla...bla..... | > | ip wccp web-cache redirect out | > | ! | > | interface Serial1/1 | > | Bla..bla...bla..... | > | ip wccp web-cache redirect out | > | ! | > | ! | > | ip access-list standard squid-cache | > | permit ip.of.my.Squid | > | ! | > | ip access-list extended redirect-to-squid | > | deny tcp host ip.of.my.squid any eq www | > | permit ip my.subnet.block.list any | > | deny tcp any any eq www | > | ! | > | ! | > | ! | > | | > | FYI, I have 2 Internet links that attached to both serial of router. | > | | > | Why did the router display lines below? | > | What does the packet unassigned mean? Is it any non-HTTP packet? | > | | > | Total Packets Denied Redirect: 17336 | > | Total Packets Unassigned: 222478 | > | | > | Your answer is very appreciated and waited for. | > | | > | Thx & Rgds, | > | | > | Awie | > | | > | | > | | > | | > | |Received on Thu Sep 11 2003 - 23:30:42 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:40 MST