Re: [squid-users] RHEL v4 + Squid + wccp

2006-03-03 Thread Henrik Nordstrom 
ons 2006-02-22 klockan 15:07 +0100 skrev Daniel EPEE LEA:
 Hi,
 My kernel is 2.6.9-22.ELsmp #1 SMP
 And I have loaded the ip_gre module.
 Please can you point out where I do not get it ?

Have you created the GRE tunnel?

Is rp_filter disabled on the GRE tunnel interface?

Regards
Henrik


signature.asc
Description: Detta är en digitalt signerad	meddelandedel

Re: [squid-users] RHEL v4 + Squid + wccp

2006-02-22 Thread Daniel EPEE LEA 
Hi,
My kernel is 2.6.9-22.ELsmp #1 SMP
And I have loaded the ip_gre module.
Please can you point out where I do not get it ?

Regards,

Dan
On 2/21/06, Henrik Nordstrom [EMAIL PROTECTED] wrote:
 mån 2006-02-13 klockan 13:31 -0500 skrev Shoebottom, Bryan:
  Hello,
 
  I have not been able to get the ip_gre module and tunnel to work.  I
  currently use the ip_wccp module
  (http://www.squid-cache.org/WCCP-support/Linux/) and no configured
  tunnel on the linux box.

 ip_gre is the recommended method, but requires a fairly recent kernel to
 work. (Linux 2.6.9 or later I think).

 Regards
 Henrik


 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.2 (GNU/Linux)

 iD8DBQBD+5QG516QwDnMM9sRAiQyAJ9H7jdZEiG0MbFSqp6cNsiSHD9+2QCeMVWe
 F+NR0jyncd5ZXYWdIxacIv4=
 =ASLH
 -END PGP SIGNATURE-






--
--
Daniel Epee Lea

Re: [squid-users] RHEL v4 + Squid + wccp

2006-02-22 Thread Daniel EPEE LEA 
hello,

I have a RHELv4 cache  + Cisco IOS Software, C1700
Software (C1700-K9O3SY7-M), Version 12.3(14)T2,
RELEASE SOFTWARE (fc4).

I have applied your suggestions, but it's still not
working. Please take a lookt at my Router's + Squid
config.

Am I missing something ?
-
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable password 
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip wccp version 1
ip wccp web-cache
!
!
no ip dhcp use vrf connected
!
!
ip cef
no ip ips deny-action ips-interface
!
no ftp-server write-enable
!
interface Ethernet0
 ip address x.x.x.x 255.255.255.x
 no ip route-cache cef
 full-duplex
!
interface FastEthernet0
 ip address y.y.y.y 255.255.255.x
 ip wccp web-cache redirect out
 speed auto
 full-duplex
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
!
ip classless
ip route 0.0.0.0 0.0.0.0 y.y.y.5
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
line aux 0
line vty 0 4
 password 
 login
!
end


/etc/sysctl.conf
---
[EMAIL PROTECTED] conf]# cat gre0/rp_filter
1
[EMAIL PROTECTED] conf]# cat bond0/rp_filter
1




Squid.conf

http_port [Server IP]:3128
icp_port 3130
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 256 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
minimum_object_size 0 KB
maximum_object_size_in_memory 8 KB
cache_dir ufs /usr/local/squid/var/cache 20240 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
mime_table /usr/local/squid/etc/mime.conf
pid_filename /var/run/squid.pid
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp:   144020% 10080
refresh_pattern ^gopher:14400%  1440
refresh_pattern .   0   20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70  # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl Local src [My Local Network]
http_access allow Local
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
acl our_networks src [my network]
http_access allow our_networks
http_access deny all
http_reply_access allow all
icp_access allow all
icp_access allow all
tcp_outgoing_address [Server IP]
cache_mgr [EMAIL PROTECTED]
cache_effective_user squid
cache_effective_group squid
visible_hostname cache.mydomain.com
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
logfile_rotate 10
forwarded_for on
cachemgr_passwd  shutdown
snmp_port 3401
snmp_access deny all
wccp_router [Router IP]
wccp_outgoing_address [Server IP]
coredump_dir /usr/local/squid/var/cache


Regards,

Waiting for answer

Thanks

Dan

On 2/22/06, Daniel EPEE LEA [EMAIL PROTECTED] wrote:
 Hi,
 My kernel is 2.6.9-22.ELsmp #1 SMP
 And I have loaded the ip_gre module.
 Please can you point out where I do not get it ?

 Regards,

RE: [squid-users] RHEL v4 + Squid + wccp

2006-02-13 Thread Shoebottom, Bryan 
Hello,

I have not been able to get the ip_gre module and tunnel to work.  I
currently use the ip_wccp module
(http://www.squid-cache.org/WCCP-support/Linux/) and no configured
tunnel on the linux box.

Thanks,
 
 Bryan

-Original Message-
From: Mark Elsen [mailto:[EMAIL PROTECTED] 
Sent: February 8, 2006 9:22 AM
To: [EMAIL PROTECTED]
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] RHEL v4 + Squid + wccp

 :
 hello,

 I have implemented WCCP on a cisco router, IOS (Cisco
 IOS Software, C1700 Software (C1700-K9O3SY7-M),
 Version 12.3(14)T2, RELEASE SOFTWARE (fc4))
 Linux sever : Registered RHEL ES v4 Update 2

 Since my CISCO  router sends packets through an ip_gre
 tunnel, and when I load the ip_wccp  module into the
 linux kernel, I cannot push the ip_gre module in the
 kernel as well. Therefore I cannot created a gre tunel
 or better a secure gre tunnel for my linux - router
 communication.


  http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.13

 (checkout all sections)

 M.

[squid-users] RHEL v4 + Squid + wccp

2006-02-08 Thread Daniel EPEE LEA 
hello,

I have implemented WCCP on a cisco router, IOS (Cisco
IOS Software, C1700 Software (C1700-K9O3SY7-M),
Version 12.3(14)T2, RELEASE SOFTWARE (fc4))
Linux sever : Registered RHEL ES v4 Update 2

Since my CISCO  router sends packets through an ip_gre
tunnel, and when I load the ip_wccp  module into the
linux kernel, I cannot push the ip_gre module in the
kernel as well. Therefore I cannot created a gre tunel
or better a secure gre tunnel for my linux - router
communication.

How can I fix this ?  

Thanks for your help.

Much regards,

Daniel

-
T OG O D   B ET H E G L O R Y :)
--

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Re: [squid-users] RHEL v4 + Squid + wccp

2006-02-08 Thread Mark Elsen 
 :
 hello,

 I have implemented WCCP on a cisco router, IOS (Cisco
 IOS Software, C1700 Software (C1700-K9O3SY7-M),
 Version 12.3(14)T2, RELEASE SOFTWARE (fc4))
 Linux sever : Registered RHEL ES v4 Update 2

 Since my CISCO  router sends packets through an ip_gre
 tunnel, and when I load the ip_wccp  module into the
 linux kernel, I cannot push the ip_gre module in the
 kernel as well. Therefore I cannot created a gre tunel
 or better a secure gre tunnel for my linux - router
 communication.


  http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.13

 (checkout all sections)

 M.