Squid wont works with rpm 
        You have to install squid Source  with  -enable-linux-netfilter  
feature.
        
-----Original Message-----
From:   Kola Ibikunle [mailto:[EMAIL PROTECTED] 
Sent:   Saturday, July 09, 2005 2:38 AM
To:     squid-users@squid-cache.org
Subject:        [squid-users] Transparent Proxy using squid and wccp

Hello,

I have attempted to conduct a transparent proxy using squid and a cisco 
router according to information in the article 
http://www.linux-mag.com/content/view/1957/2303.

It seems to me that the packets are getting redirected by the router but 
squid isnt forwarding. Please look thru and advise

Squid runs on Fedora Core 3 and installed via rpm. The router run IOS 12.2

I succeeded in getting the squid box registered with router

Router#sh ip wccp
Global WCCP information:
 Router information:
     Router Identifier:                   192.168.1.18
     Protocol Version:                    1.0

 Service Identifier: web-cache
     Number of Cache Engines:             1
     Number of routers:                   1
     Total Packets Redirected:            3660
     Redirect access-list:                150
     Total Packets Denied Redirect:       0
     Total Packets Unassigned:            0
     Group access-list:                   -none-
     Total Messages Denied to Group:      0
     Total Authentication failures:       0


but I am unable to browse

tcpdump on the linux box running FC 3 shows

unreacheable admin prohibited


while the debug screenshot is
Router#
*Mar  1 03:17:39.183: WCCP-PKT: Received valid Here_I_Am packet from 
192.168.1.23 w/rcvd_id 00000335
*Mar  1 03:17:39.183: WCCP-PKT: Sending I_See_You packet to 192.168.1.23 
w/ rcvd_id 00000336
*Mar  1 03:17:46.491: ICMP: dst (192.168.1.18) prohibited unreachable 
rcv from 192.168.1.23
*Mar  1 03:17:49.195: WCCP-PKT: Received valid Here_I_Am packet from 
192.168.1.23 w/rcvd_id 00000336
*Mar  1 03:17:49.195: WCCP-PKT: Sending I_See_You packet to 192.168.1.23 
w/ rcvd_id 00000337
*Mar  1 03:17:49.443: ICMP: dst (192.168.1.18) prohibited unreachable 
rcv from 192.168.1.23



Below is my Router COnfig

Router#sh conf
Using 1198 out of 155640 bytes
!
version 12.2
service config
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
enable secret 5 $1$.nU6$zrTYq3u9FqrEs1z3VR6yO/
enable password 12345
!
ip subnet-zero
ip wccp version 1
ip wccp web-cache redirect-list 150
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
mta receive maximum-recipients 0
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.18 255.255.255.0
ip nat inside
no ip mroute-cache
speed auto
half-duplex
no cdp enable
!
interface FastEthernet0/1
ip address 111.222.111.110 255.255.255.128
ip wccp web-cache redirect out
ip nat outside
no ip mroute-cache
duplex auto
speed auto
no cdp enable
!
ip nat pool ovrld 111.222.111.110 111.222.111.110 prefix-length 24
ip nat inside source list 7 pool ovrld overload
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
ip http server
!
!
access-list 7 permit 192.168.1.0 0.0.0.255
access-list 150 permit tcp 192.168.1.0 0.0.0.255 any
access-list 150 deny   tcp any any
!
!
call rsvp-sync
!
!
mgcp profile default
!
!
!
dial-peer cor custom
!
!
!
!
line con 0
exec-timeout 0 0
line 33 62
flush-at-activation
line aux 0
line vty 0 4
password 1234
login
!
end



Reply via email to