Re: [squid-users] Cisco with WCCP!! newbie here..

From: <viveksnv_at_aol.in>
Date: Fri, 16 Jan 2009 12:30:09 -0500

Roland,

I have the same issue. I am using cisco 2800 IOS version 12.4(13b).

But it works in transparent mode perfectly. If we go Tproxy, it's not
working. Any IOS bug ?

I just share my problems also.

Thanks
Vk.

-----Original Message-----
From: Roland Roland <R_O_L_A_N_D_at_hotmail.com>
To: Ritter, Nicholas <Nicholas.Ritter_at_americantv.com>;
squid-users_at_squid-cache.org
Sent: Sat, 17 Jan 2009 7:57 am
Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

hello :)

I've took a break of working live on squid and started reading more
about it
to see what I'm getting myself into..

I managed to get the router and squid to see=2
 0each other and
troubleshoot the
GRE tunnel..

sh ip wccp shows hits.. but when I check the access.log and cache.log
of
squid I see nothing..

any idea what might be causing this?

heres the output of router debug:

6 17:10:14.012: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000020

6 17:10:14.012: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000021

6 17:10:14.016: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000020

6 17:10:14.016: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000021

6 17:10:31.504: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 0
 0000021

6 17:10:31.504: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000022

6 17:10:31.508: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000021

6 17:10:31.508: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000022

6 17:10:48.640: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000022

6 17:10:48.640: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000023

6 17:10:48.644: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000022

6 17:10:48.644: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000023

6 17:11:03.656: WCCP-PKT:D90: Received valid Here_I
 _Am packet from
192.168.0.2 w/rcv_id 00000023

6 17:11:03.656: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000024

6 17:11:03.656: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000023

6 17:11:03.656: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000024

6 17:11:17.056: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000024

6 17:11:17.056: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000025

6 17:11:17.060: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000024

6 17:11:17.060: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000025

6 17:11:
 28.060: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000025

6 17:11:28.060: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000026

6 17:11:28.064: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000025

6 17:11:28.064: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000026

6 17:11:42.904: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000026

6 17:11:42.904: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000027

6 17:11:42.904: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000026

6 17:11:42.904: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2 =0
 D
w/
rcv_id 00000027

6 17:11:56.640: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000027

6 17:11:56.640: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000028

6 17:11:56.644: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000027

6 17:11:56.644: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000028

6 17:12:11.392: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000028

6 17:12:11.392: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 00000029

6 17:12:11.392: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000028

6 17:12:11.392: WCCP-PKT:D80: S
 ending I_See_You packet to 192.168.0.2
w/
rcv_id 00000029

6 17:12:22.960: WCCP-PKT:D90: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000029

6 17:12:22.960: WCCP-PKT:D90: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 0000002A

6 17:12:22.968: WCCP-PKT:D80: Received valid Here_I_Am packet from
192.168.0.2 w/rcv_id 00000029

6 17:12:22.968: WCCP-PKT:D80: Sending I_See_You packet to 192.168.0.2
w/
rcv_id 0000002A

CME-Router#sh ip wccp

Global WCCP information:

   Router information:

       Router Identifier: 172.16.50.54

       Protocol Version: 2.0

 
   Service Identifier: web-cache

       Number of Service Group Clients: 0

       Number of Service Group Routers: 0

       Total Packets s/w Redirected: 0

         Process: 0

         Fast: 0

         CEF: 0

       Redirect access-list: 198

       Total Packets Denied Redirect: 0

       Total Packets Unassigned:
         0

       Group access-list: -none-

       Total Messages Denied to Group: 0

       Total Authentication failures: 0

       Total Bypassed Packets Received: 0

   Service Identifier: 80

       Number of Service Group Clients: 1

       Number of Service Group Routers: 1

       Total Packets s/w Redirected: 4475

         Process: 0

         Fast:
    0

         CEF: 4475

       Redirect access-list: 198

       Total Packets Denied Redirect: 0

       Total Packets Unassigned: 1853

       Group access-list: -none-

       Total Messages Denied to Group: 0

       Total Authentication failures: 0

       Total Bypassed Packets Received: 0

   Service Identifier: 90

       Number of Service Group Clients: 1

=2
 0 Number of Service Group Routers: 1

       Total Packets s/w Redirected: 0

         Process: 0

         Fast: 0

         CEF: 0

       Redirect access-list: 198

       Total Packets Denied Redirect: 0

       Total Packets Unassigned: 1369

       Group access-list: -none-
 0A
       Total Messages Denied to Group: 0

       Total Authentication failures: 0

       Total Bypassed Packets Received: 0

--------------------------------------------------

From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

Sent: Tuesday, December 23, 2008 8:10 AM

To: "Roland Roland" <R_O_L_A_N_D_at_hotmail.com>

Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

> Sorry for the dely in getting back to you.

>

>

> Ok....first manually check that squid is working properly. Do this by
> configuring the proxy server settings of the client browser manually
to
> point to the IP of
  the squid server and the non-redirected port
number of
> 3128 (if you are using the redirection iptables rules. This will
seperate
> WCCP and iptables from squid operation. If the squid access log show
> traffic and the web browser is getting pages, switch the port number
to
> port 80 on the web browser setup, this will verify iptables
redirection
> functionality.

>

> If the second test fails, do a "lsmod | grep tproxy" and see if
something
> like "xt_tproxy" shows up, also check the squid access log and see if
it
> is the case that squid sees the client request pages, and squid is
> fetching them...it is possible that squid sees the request and is
f
 etching
> but not getting the data back to the client.

>

> Also, check to see if the router is seeing the squid server. Do this
by
> doing a "sh ip wccp" in the router and see if the client/server
groups are
> greater than 0.

>

> Let me know what you see,.....we can coordinate an real-time chat
sometime
> too.

>

> Nick

>

> ________________________________

>

> From: Roland Roland [mailto:R_O_L_A_N_D_at_hotmail.com]

> Sent: Sun 12/21/2008 3:13 PM

> To: Ritter, Nicholas

> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>

>

>

> Hello :)

> I gave up!

> wccp isnt
 working with me...

> I've tried everything you asked me to do..

> and a few more tutorials from the net..

> NOTHING's working!!

>

> help!

>

> --------------------------------------------------

> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

> Sent: Tuesday, December 16, 2008 11:27 PM

> To: <R_O_L_A_N_D_at_hotmail.com>

> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>

>> Your squid.conf is missing "cache_dir" statements to tell it where
to put

>> HTTP items it is caching. For squid setup you may need to review the

>> docs/wiki or use the information contained in the squid config file.

>>

>> As for the 20IPtables issiue, I can't help you with that without
seeing the

>> error it is spitting out, and seeing the contents of

>> "/etc/sysconfig/iptables".

>>

>> Did the gre0 interface setup work?

>>

>> Nick

>>

>> ________________________________

>>

>> From: R_O_L_A_N_D_at_hotmail.com [mailto:R_O_L_A_N_D_at_hotmail.com]

>> Sent: Tue 12/16/2008 2:17 PM

>> To: Ritter, Nicholas

>> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>>

>>

>>

>> I really cant begin to thank you for all of the help you provided so
>> far..

>> but am afraid I have to bother you one more time if possible!

>>

>> I followed
  your instructions one by one, but I still am facing
probs.. on

>> booting I get a prob in iptables reading line1..

>> here's my squid.conf: http://pastebin.com/m401b5e09

>> and below is the debugging output:

>>

>>

>>

>> [root_at_localhost ~]# squid -NCd10

>> 2008/12/16 09:14:19| Starting Squid Cache version 2.6.STABLE6 for

>> i686-redhat-linux-gnu...

>> 2008/12/16 09:14:19| Process ID 5099

>> 2008/12/16 09:14:19| With 1024 file descriptors available

>> 2008/12/16 09:14:19| Using epoll for the IO loop

>> 2008/12/16 09:14:19| Performing DNS Tests...

>> 2008/12/16 09:14:19| Successful DNS name lookup tests...

>> 2008/12/16 09:14:19| DNS Socket create
 d at 0.0.0.0, port 32770, FD 5

>> 2008/12/16 09:14:19| Adding nameserver 198.6.1.5 from
/etc/resolv.conf

>> 2008/12/16 09:14:19| Adding nameserver 4.2.2.2 from /etc/resolv.conf

>> 2008/12/16 09:14:19| Adding domain localdomain from /etc/resolv.conf

>> 2008/12/16 09:14:19| User-Agent logging is disabled.

>> 2008/12/16 09:14:19| Referer logging is disabled.

>> 2008/12/16 09:14:19| Unlinkd pipe opened on FD 10

>> 2008/12/16 09:14:19| Swap maxSize 102400 KB, estimated 7876 objects

>> 2008/12/16 09:14:19| Target number of buckets: 393

>> 2008/12/16 09:14:19| Using 8192 Store buckets

>> 2008/12/16 09:14:19| Max Mem size: 8192 KB

>> 2008/12/16 09:14:19| Max Swap size: 102400 KB

>>
  2008/12/16 09:14:19| Local cache digest enabled; rebuild/rewrite
every

>> 3600/3600 sec

>> 2008/12/16 09:14:19| Rebuilding storage in /var/spool/squid (CLEAN)

>> 2008/12/16 09:14:19| Using Least Load store dir selection

>> 2008/12/16 09:14:19| Set Current Directory to /var/spool/squid

>> 2008/12/16 09:14:19| Loaded Icons.

>> 2008/12/16 09:14:19| Accepting transparently proxied HTTP
connections at

>> 0.0.0.0, port 3128, FD 12.

>> 2008/12/16 09:14:19| Accepting ICP messages at 0.0.0.0, port 3130,
FD 13.

>> 2008/12/16 09:14:19| WCCP Disabled.

>> 2008/12/16 09:14:19| Accepting WCCPv2 messages on port 2048, FD 14.

>> 2008/12/16 09:14:19| Initialising all WCCPv2 lists

>> 20
 08/12/16 09:14:19| Ready to serve requests.

>> 2008/12/16 09:14:19| Done reading /var/spool/squid swaplog (0
entries)

>> 2008/12/16 09:14:19| Finished rebuilding storage from disk.

>> 2008/12/16 09:14:19| 0 Entries scanned

>> 2008/12/16 09:14:19| 0 Invalid entries.

>> 2008/12/16 09:14:19| 0 With invalid flags.

>> 2008/12/16 09:14:19| 0 Objects loaded.

>> 2008/12/16 09:14:19| 0 Objects expired.

>> 2008/12/16 09:14:19| 0 Objects cancelled.

>> 2008/12/16 09:14:19| 0 Duplicate URLs purged.

>> 2008/12/16 09:14:19| 0 Swapfile clashes avoided.

>
> 2008/12/16 09:14:19| Took 0.6 seconds ( 0.0 objects/sec).

>> 2008/12/16 09:14:19| Beginning Validation Procedure

>> 2008/12/16 09:14:19| Completed Validation Procedure

>> 2008/12/16 09:14:19| Validated 0 Entries

>> 2008/12/16 09:14:19| store_swap_size = 0k

>> 2008/12/16 09:14:20| storeLateRelease: released 0 objects

>>

>> --------------------------------------------------

>> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

>> Sent: Tuesday, December 16, 2008 5:17 PM

>> To: "Roland Roland" <R_O_L_A_N_D_at_hotmail.com>

>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>

>>> ok....given what you have presented to me below, your setup should
n
 ot
>>> be

>>> working yet. It looks like there are several things that still need
to
>>> be

>>> done.

>>>

>>> 1) In squid.conf add:

>>>

>>> wccp2_router 192.168.0.1

>>> wccp_version 4

>>> wccp2_rebuild_wait on

>>> wccp2_forwarding_method 1

>>> wccp2_return_method 1

>>> wccp2_assignment_method 1

>>> wccp2_service dynamic 80

>>> wccp2_service dynamic 90

>>> wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240

>>> ports=80

>>> wccp2_service_info 90 protocol=tcp flags=dst_ip_hash,ports_source

>>> priority=240 ports=80

>>>

>>> 2) In "/etc/sysconfig/iptables" add:

>>>

>>> -A PREROUTING -i eth0
 -p tcp -m tcp --dport 80 -j REDIRECT
--to-ports

>>> 3128

>>> -A PREROUTING -i gre0 -p tcp -m tcp --dport 80 -j REDIRECT
--to-ports

>>> 3128

>>>

>>> 3) issue command: "modprobe ip_gre"

>>> 4) issue command: "lsmod | grep gre" and make sure "ip_gre" is
returned.

>>> 5) ifconfig gre0 192.168.0.7 netmask 255.255.255.0 up

>>> 6) issue command: "service iptables condrestart"

>>> 7) In your router do the following:

>>>

>>> global command: ip wccp web-cache

>>> On the interface which binds 192.168.0.1:

>>>

>>> ip wccp 80 redirect in

>>> ip wccp 90 redirect out

>>>

>>>

>>> 8) Issue (on the centos bo
 x): service squid restart

>>> 9) Wait 2 minutes, then on the router: "sh ip wccp" look for:

>>>

>>> Service Identifier: 80

>>> Number of Service Group Clients: 1

>>> Number of Service Group Routers: 1

>>>

>>> and:

>>>

>>> Service Identifier: 90

>>> Number of Service Group Clients: 1

>>> Number of Service Group Routers: 1

>>>

>>>

>>>

>>>

>>> ________________________________

>>>

>>> From: Roland Roland [mailto:R_O_L_A_N_D_at_hotmail.com]

>>> Sent: Mon 12/15/2008 5:34 PM

>>> To: Ritter, Nicholas

>>
> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>>>

>>>

>>>

>>> Hi yes I admit, ubuntu has been much easier, but nonetheless im
starting

>>> to

>>> enjoy centos! has lots of command line features missing in ubuntu..

>>>

>>> anyway here's what you asked for:

>>>

>>> 1) Are you using a loopback interface in the router?

>>> No, am not.

>>>

>>> 2) What is the IP of the centos server, a client machine, and the
>>> router.

>>> Centos: 192.168.0.7

>>> Client machine: 192.168.0.2

>>> Router: 192.168.0.1

>>>

>>> 3) The output of "service iptables status"

>>>

>>>

>>> [ro
 ot_at_localhost squid]# service iptables status

>>> Table: nat

>>> Chain PREROUTING (policy ACCEPT)

>>> num target prot opt source destination

>>>

>>> Chain POSTROUTING (policy ACCEPT)

>>> num target prot opt source destination

>>> 1 MASQUERADE all -- 192.168.122.0/24 0.0.0.0/0

>>>

>>> Chain OUTPUT (policy ACCEPT)

>>> num target prot opt source destination

>>>

>>> Table: filter

>>> Chain INPUT (policy ACCEPT)

>>> num target prot opt source destination

>>>=2
 01 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0
udp

>>> dpt:53

>>> 2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp

>>> dpt:53

>>> 3 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0
udp

>>> dpt:67

>>> 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp

>>> dpt:67

>>> 5 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

>>>

>>> Chain FORWARD (policy ACCEPT)

>>> num target prot
 opt source destination

>>> 1 ACCEPT all -- 0.0.0.0/0 192.168.122.0/24
state

>>> RELATED,ESTABLISHED

>>> 2 ACCEPT all -- 192.168.122.0/24 0.0.0.0/0

>>> 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

>>> 4 REJECT all -- 0.0.0.0/0 0.0.0.0/0

>>> reject-with icmp-port-unreachable

>>> 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0

>>> reject-with icmp-port-unreachable

>>> 6 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

>>>
=0
 A
>>> Chain OUTPUT (policy ACCEPT)

>>> num target prot opt source destination

>>>

>>> Chain RH-Firewall-1-INPUT (2 references)

>>> num target prot opt source destination

>>> 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

>>> 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
icmp

>>> type

>>> 255

>>> 3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0

>>> 4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0

>>> 5 ACCEPT=2
 0 udp -- 0.0.0.0/0 224.0.0.251
udp

>>> dpt:5353

>>> 6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0
udp

>>> dpt:631

>>> 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
tcp

>>> dpt:631

>>> 8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
state

>>> RELATED,ESTABLISHED

>>> 9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
state

>>> NEW

>>> tcp dpt:22

>>> 10 ACCEPT 20 tcp -- 0.0.0.0/0 0.0.0.0/0
state

>>> NEW

>>> tcp dpt:80

>>> 11 REJECT all -- 0.0.0.0/0 0.0.0.0/0

>>> reject-with icmp-host-prohibited

>>>

>>>

>>>

>>>

>>>

>>> 4) The output of "lsmod"

>>>

>>>

>>> Module Size Used by

>>> netloop 10945 0

>>> netbk 78145 0 [permanent]

>>> blktap 115941 2 [permanent]

>>> blkbk 22241 0 [permane
 nt]

>>> ipt_MASQUERADE 7617 1

>>> iptable_nat 11205 1

>>> ip_nat 21101 2 ipt_MASQUERADE,iptable_nat

>>> bridge 53853 0

>>> autofs4 24389 2

>>> hidp 23105 2

>>> rfcomm 42457 0

>>> l2cap 29505 10 hidp,rfcomm

>>> bluetooth 53797 5 hidp,rfcomm,l2cap

>>> sunrpc 144893 1

>>> ip_conntrack_netbios_ns 6977 0

>
>> ipt_REJECT 9537 3

>>> xt_state 6208 4

>>> ip_conntrack 53025 5

>>> ipt_MASQUERADE,iptable_nat,ip_nat,ip_conntrack_netbios_ns,xt_state

>>> nfnetlink 10713 2 ip_nat,ip_conntrack

>>> iptable_filter 7105 1

>>> ip_tables 17029 2 iptable_nat,iptable_filter

>>> ip6t_REJECT 9409 1

>>> xt_tcpudp 7105 16

>>> ip6table_filter 6849 1

>>> ip6_tables 18053 1 ip6table_filter

>>> x_tables 20 17349 8

>>>
ipt_MASQUERADE,iptable_nat,ipt_REJECT,xt_state,ip_tables,ip6t_REJECT,xt_t
cpudp,ip6_tables

>>> dm_multipath 22089 0

>>> video 21193 0

>>> sbs 18533 0

>>> backlight 10049 1 video

>>> i2c_ec 9025 1 sbs

>>> button 10705 0

>>> battery 13637 0

>>> asus_acpi 19289 0

>>> ac 9157 0

>>> ipv6 20 258401 15 ip6t_REJECT

>>> xfrm_nalgo 13765 1 ipv6

>>> crypto_api 11969 1 xfrm_nalgo

>>> lp 15849 0

>>> floppy 54949 0

>>> i2c_piix4 12237 0

>>> pcnet32 36805 0

>>> pcspkr 7105 0

>>> i2c_core 23745 2 i2c_ec,i2c_piix4

>>> mii 9409 1 pcnet32

>>> serio_raw 10693 0

>>> ide_cd =2
 0 40033 0

>>> parport_pc 29157 1

>>> cdrom 36705 1 ide_cd

>>> serial_core 23617 0

>>> parport 37641 2 lp,parport_pc

>>> dm_snapshot 21477 0

>>> dm_zero 6209 0

>>> dm_mirror 29381 0

>>> dm_mod 61405 9

>>> dm_multipath,dm_snapshot,dm_zero,dm_mirror

>>> ata_piix 22341 0

>>> libata 144637 1 ata_piix

>>
> sd_mod 24897 0

>>> scsi_mod 134861 2 libata,sd_mod

>>> ext3 123593 2

>>> jbd 56553 1 ext3

>>> uhci_hcd 25677 0

>>> ohci_hcd 23517 0

>>> ehci_hcd 33741 0

>>>

>>>

>>>

>>> 5) The output of "ifconfig"

>>>

>>> eth0 Link encap:Ethernet HWaddr 00:0C:29:C8:8E:D5

>>> inet addr:192.168.146.132 Bcast:192.168.146.255

>>> Mask:255.255.255.0

>>> 20 inet6 addr: fe80::20c:29ff:fec8:8ed5/64 Scope:Link

>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

>>> RX packets:1787 errors:0 dropped:0 overruns:0 frame:0

>>> TX packets:1444 errors:0 dropped:0 overruns:0 carrier:0

>>> collisions:0 txqueuelen:0

>>> RX bytes:1754176 (1.6 MiB) TX bytes:89731 (87.6 KiB)

>>>

>>> lo Link encap:Local Loopback

>>> inet addr:127.0.0.1 Mask:255.0.0.0

>>> inet6 addr: ::1/128 Scope:Host

>>> UP LOOPBACK RUNNING MTU:16436 Metric:1

>>> RX packets:2819 20errors:0 dropped:0 overruns:0 frame:0

>>> TX packets:2819 errors:0 dropped:0 overruns:0 carrier:0

>>> collisions:0 txqueuelen:0

>>> RX bytes:6214808 (5.9 MiB) TX bytes:6214808 (5.9 MiB)

>>>

>>> peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

>>> inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

>>> UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

>>> RX packets:1790 errors:0 dropped:0 overruns:0 frame:0

>>> TX packets:1510 errors:0 dropped:0 overruns:0 carrier:0

>>> collisions:0 txqueuelen:1000

>>> =2
 0 RX bytes:1754743 (1.6 MiB) TX bytes:101982 (99.5 KiB)

>>> Interrupt:16 Base address:0x1080

>>>

>>> vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

>>> inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link

>>> UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

>>> RX packets:1444 errors:0 dropped:0 overruns:0 frame:0

>>> TX packets:1787 errors:0 dropped:0 overruns:0 carrier:0

>>> collisions:0 txqueuelen:0

>>> RX bytes:89731 (87.6 KiB) TX bytes:1754176 (1.6 MiB)

>>>

>>> virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00

>>>
           inet addr:192.168.122.1 Bcast:192.168.122.255

>>> Mask:255.255.255.0

>>> inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link

>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

>>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0

>>> TX packets:63 errors:0 dropped:0 overruns:0 carrier:0

>>> collisions:0 txqueuelen:0

>>> RX bytes:0 (0.0 b) TX bytes:11976 (11.6 KiB)

>>>

>>> xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF

>>> UP BROADCAST RUNNING NOARP MTU:1500 Metric:1

>>> RX packets:40 err
 ors:0 dropped:0 overruns:0 frame:0

>>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

>>> collisions:0 txqueuelen:0

>>> RX bytes:10537 (10.2 KiB) TX bytes:0 (0.0 b)

>>>

>>>

>>>

>>> 6) The output from the router of the command: "sho ip wccp"

>>>

>>>

>>> omega#sh ip wccp

>>> Global WCCP information:

>>> Router information:

>>> Router Identifier: X.X.X.X (interface
facing
>>> the

>>> internet/Public ip)

>>> Protocol Version: 2.0

>>>

>>>=2
 0 Service Identifier: web-cache

>>> Number of Service Group Clients: 0

>>> Number of Service Group Routers: 0

>>> Total Packets s/w Redirected: 0

>>> Process: 0

>>> Fast: 0

>>> CEF: 0

>>> Redirect access-list: -none-

>>> Total Packets Denied Redirect: 0

>>> 20 Total Packets Unassigned: 0

>>> Group access-list: -none-

>>> Total Messages Denied to Group: 0

>>> Total Authentication failures: 0

>>> Total Bypassed Packets Received: 0

>>>

>>>

>>> as for squid.conf, no I havent changed anything but these two:

>>> access list to allow my network

>>> http_access allowing that ACL.

>>>

>>>

>>> PS: I'm currently using a virtual machine, which is why you'll
notice
>>> the

>>> masquarading part. it's nated to my WIFI interface.

>>> 20once our setup is up and running I'll move set it all up again on
a

>>> server.. thought you should know :)

>>>

>>>

>>> --------------------------------------------------

>>> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

>>> Sent: Monday, December 15, 2008 11:52 PM

>>> To: "Roland Roland" <R_O_L_A_N_D_at_hotmail.com>

>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>

>>>> Ubuntu configures Squid more out of the box then CentOS does,
which is

>>>> why

>>>> the HTTP browsing should not be working yet.

>>>>

>>>> telnet should be disabled altogether, but only in the sense of a

>>>> telnet-transport based terminal=2
 0server (ie: telnetting into the
centos

>>>> server to get a command shell.)

>>>>

>>>> Can you list the following:

>>>>

>>>> 1) Are you using a loopback interface in the router?

>>>> 2) What is the IP of the centos server, a client maching, and the

>>>> router.

>>>> 3) The output of "service iptables status"

>>>> 4) The output of "lsmod"

>>>> 5) The output of "ifconfig"

>>>> 6) The output from the router of the command: "sho ip wccp"

>>>>

>>>>

>>>> With the above information, I think I can straighten this out for
you.

>>>> Also, did you edit the squid config file other than the "MyNet"
acl and

>>>> "http_access"?

>>>>

>>>> ________________________________

>>>>

>>>> From: Roland Roland [mailto:R_O_L_A_N_D_at_hotmail.com]

>>>> Sent: Mon 12/15/2008 3:21 PM

>>>> To: Ritter, Nicholas

>>>> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>>>>

>>>>

>>>>

>>>> ya I guess so..

>>>> but is it a firewall issue? because I could perfeclty telnet to it
>>>> doing

>>>> as

>>>> such :

>>>>

>>>> telnet 192.168.0.7 3128

>>>>

>>>> and a session opens up normaly (this is my current centos)

>>>> but I cant browse or use it as a proxy

>>>>

>>>> --------------------------------------------------

>>>> Fr
 om: "Ritter, Nicholas" <nicholas.ritter_at_americantv.com>

>>>> Sent: Monday, December 15, 2008 11:18 PM

>>>> To: "Roland Roland" <R_O_L_A_N_D_at_hotmail.com>

>>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>>

>>>>> Telnet or ssh?

>>>>>

>>>>> This is why I have issues with ubuntu. Sure things work, but
often at

>>>>> the

>>>>> expense of security.

>>>>>

>>>>> Sent from my Windows MobileĀ® phone.

>>>>>

>>>>> -----Original Message-----

>>>>> From: Roland Roland <R_O_L_A_N_D_at_hotmail.com>

>>>>> Sent: Monday, December 15, 2008 3:02 PM

>>>>> To: Ritter, Nicholas <Nicholas.Ritter_at_americantv.com>

>>>>> Subject: Re: [squid-users] Cisco wit
 h WCCP!! newbie here..

>>>>>

>>>>> I can't believe I got back to worse than I first started!!!

>>>>>

>>>>> I can't seem to use squid now.

>>>>> I simply installed it with yum install squid on centos 5.2

>>>>>

>>>>> and added:

>>>>> acl MyNet src 192.168.0.0/24

>>>>> http_access allow MyNet

>>>>>

>>>>> that's wht I did when I frst installed it on ubuntu and it worked
back

>>>>> then..!

>>>>>

>>>>> now on centos, I could telnet from outside to my box (that means
it

>>>>> opened

>>>>> tht port on the firewall)

>>>>> but nothing is returned!

>>>>> heres the output of firefox when I try to ope
 n any site to test
using

>>>>> my

>>>>> squid's IP/port:

>>>>>

>>>>> Connection Interrupted

>>>>> connection to the server was reset while the page was loading.

>>>>> The network link was interrupted while negotiating a connection.
>>>>> Please

>>>>> try

>>>>> again.

>>>>>

>>>>> any advice on what might be the prob ?

>>>>>

>>>>>

>>>>>

>>>>>

>>>>>

>>>>>

>>>>>

>>>>>

>>>>>

>>>>>

>>>>> --------------------------------------------------

>>>>> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

>>>>> Sent: Monday, December 15, 2008 4:50 PM

>>>>> To: "Roland Roland" <R_O_L_A_N_D_at_hotmail.com> 0D

>>>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>>>

>>>>>> Here are some items that will need to be accomplisted:

>>>>>>

>>>>>> 1) you will need to configure iptables to redirect port 80
traffic to

>>>>>> 3128

>>>>>> 2) Setup a GRE tunnel interface between the squid box, and the
>>>>>> router.

>>>>>> 3) configure WCCP on the router

>>>>>> 4) Edit the squid.conf config file for the squid server.

>>>>>>

>>>>>>

>>>>>> With step 1, this step is largly depending on if you are ok with

>>>>>> running

>>>>>> the squid server on port 80 or not. If you choose to run the
squid

>>>>>> server

>>>>>>
  on port 80, you still need to edit iptables rules to allow port
80

>>>>>> connections.

>>>>>>

>>>>>> Reference the following squid-cache.org wiki articles. And let
me
>>>>>> know

>>>>>> where I can fill in information and specific steps to help you
get up

>>>>>> and

>>>>>> running:

>>>>>>

>>>>>> http://wiki.squid-cache.org/ConfigExamples/Wccp2AndNat

>>>>>> http://wiki.squid-cache.org/ConfigExamples/SquidAndWccp2

>>>>>>

>>>>>> Create and bring up the GRE interface:

>>>>>>

>>>>>> modprobe ip_gre

>>>>>> ifconfig gre0 <address of squid server (duplicate of the eth0

>>>>>> interface

>>>>>> address)> netmask 255.255.255.0 up

>>>>>>

=0
 A>>>>>> If the above commands don't give errors, you can add them to

>>>>>> "/etc/rc.d/init.d/rc.local" so that get done at each boot up.

>>>>>>

>>>>>>

>>>>>>

>>>>>> For the GRE tunnel rules for iptables, you will need something
like

>>>>>> (add

>>>>>> to /etc/sysconfig/iptables, then "service iptables
condrestart"):

>>>>>>

>>>>>> iptables -A INPUT -i gre0 -j ACCEPT iptables -A INPUT -i gre0 -j

>>>>>> ACCEPT

>>>>>>

>>>>>> iptables -A INPUT -p gre -j ACCEPT

>>>>>> iptables -A RH-Firewall-1-INPUT -s <address of router>/32 -p udp
-m

>>>>>> udp --dport 2048 -j ACCEPT

>>>>>>

>>>>>> The first to rules allow gre protocol, and 20traffic onthe gre

>>>>>> interface,

>>>>>> the second rule allows WCCP control traffic.

>>>>>> ________________________________

>>>>>>

>>>>>> From: Roland Roland [mailto:R_O_L_A_N_D_at_hotmail.com]

>>>>>> Sent: Sun 12/14/2008 3:17 PM

>>>>>> To: Ritter, Nicholas

>>>>>> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>

>>>>>>

>>>>>>

>>>>>> Hey :)

>>>>>> I just installed centos 5.2 out of dvd with desktop-gnome.

>>>>>> and followed the instructions u've specified as well as
installed

>>>>>> squid

>>>>>> using "yum install squid" and backed up squid.conf to desktop.

>>>>>> now what are the steps you want me to follow..

=0
 A>>>>>>

>>>>>> thanks in advance,

>>>>>>

>>>>>> Roland

>>>>>>

>>>>>> --------------------------------------------------

>>>>>> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

>>>>>> Sent: Friday, December 12, 2008 6:58 PM

>>>>>> To: <R_O_L_A_N_D_at_hotmail.com>

>>>>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>

>>>>>>> with the netinstall, the http url is tricky...but doable. The
DVD

>>>>>>> works

>>>>>>> the best regardless. IM'ing would work better, I just don't
have an

>>>>>>> IM

>>>>>>> client installed. I have an IRC client installed....or...now
that I

>>>>>>> think

>>>>>>> about it...I have a gmail account
 ....could use gmail IM...never
done

>>>>>>> it

>>>>>>> though.

>>>>>>>

>>>>>>> Nick

>>>>>>>

>>>>>>>

>>>>>>> -----Original Message-----

>>>>>>> From: R_O_L_A_N_D_at_hotmail.com [mailto:R_O_L_A_N_D_at_hotmail.com]

>>>>>>> Sent: Fri 12/12/2008 9:45 AM

>>>>>>> To: Ritter, Nicholas

>>>>>>> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>>

>>>>>>> hey :) am downloading the DVD release just now..

>>>>>>> half way through!

>>>>>>> I got the netinstall image, burned it and gave the HTTP option
a
>>>>>>> try,

>>>>>>> it

>>>>>>> gets stuck on image retrieval..

>>>>>>>

>>>>>>> I guess the DVD image would be done soon=2
 0enough, I'm going to
>>>>>>> install

>>>>>>> it

>>>>>>> on

>>>>>>> a virtual machine in order to test, and if everything is setup

>>>>>>> smoothly

>>>>>>> (centos/squid) I'll proceed with the squid configuration
depending
>>>>>>> on

>>>>>>> your

>>>>>>> advice..

>>>>>>>

>>>>>>> if you don't mind is there a sort of IM I could contact you on?
or

>>>>>>> you

>>>>>>> prefer to keep it over here..?

>>>>>>>

>>>>>>> --------------------------------------------------

>>>>>>> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

>>>>>>> Sent: Friday, December 12, 2008 4:51 PM

>>>>>>> To: <R_O_L_A_N_D_at_hotmail.com>

>>>>>>> Subject: RE: [s
 quid-users] Cisco with WCCP!! newbie here..

>>>>>>>

>>>>>>>> Sure.

>>>>>>>>

>>>>>>>> I never use the live cd for installs, always other the DVD, or

>>>>>>>> netinstall

>>>>>>>> cd.

>>>>>>>>

>>>>>>>> Make sure you do a minimal install. Don't install any of the
>>>>>>>> package

>>>>>>>> groups, although it won't hurt if you do.

>>>>>>>>

>>>>>>>> If you have never installed CentOS before, let me know if you
have

>>>>>>>> questions, but after the initial install and boot up, you will
be

>>>>>>>> presented with a semi-graphical (ncurses) interface that has a
menu

>>>>>>>> and

>>>>>>>> items on it for configuring running services
 , firewall,
network,

>>>>>>>> etc.

>>>>>>>> You

>>>>>>>> want to make sure the box has a static IP (a private ip behind
the

>>>>>>>> NAT

>>>>>>>> GW

>>>>>>>> is fine.) In the "Firewall configuration", set the "Security
Level"

>>>>>>>> to

>>>>>>>> "Enabled" and "SELinux" to "Permissive". In "System Services",

>>>>>>>> disable

>>>>>>>> any

>>>>>>>> service that contains "sendmail", and/or "rpc", and/or "nfs".

>>>>>>>>

>>>>>>>> If you don't get to a menu, or want to go back to it, just
type

>>>>>>>> "setup"

>>>>>>>> at

>>>>>>>> the root CLI prompt.

>>>>>>>>

>>>>>>>> Note: step 1 and 2 are separate for=2
 0a reason, as it will
produce
>>>>>>>> the

>>>>>>>> most

>>>>>>>> effect way of accomplishing specific goals for updating
software.

>>>>>>>>

>>>>>>>> 1) run (as root): yum update yum rpm python

>>>>>>>> - this will update yum, rpm, and python

>>>>>>>> - you will be asked to confirm selections, just type: y

>>>>>>>> - you will be asked to import an GPG signing key, just type: y

>>>>>>>>

>>>>>>>> 2) run (as root): yum update

>>>>>>>> - this will update the rest of the software packages on the
system

>>>>>>>> - you will be asked to confirm selections, just type: y

>>>>>>>>

>>>>>>>> 3) reboot

>>>>>>>>

>>>>>>>> -----
 Original Message-----

>>>>>>>> From: R_O_L_A_N_D_at_hotmail.com [mailto:R_O_L_A_N_D_at_hotmail.com]

>>>>>>>> Sent: Fri 12/12/2008 7:55 AM

>>>>>>>> To: Ritter, Nicholas

>>>>>>>> Subject: Re: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>>>

>>>>>>>> Hi :)

>>>>>>>> I'm having a bit of trouble installing centos from the lvie
cd..

>>>>>>>> am downloading at the moment.. centos dvd..

>>>>>>>>

>>>>>>>> in the meantime could you provide any sort of step that youd
like
>>>>>>>> me

>>>>>>>> to

>>>>>>>> do..!

>>>>>>>> since im going to install squid over centos I guess your
already

>>>>>>>> familiar

>>>>>>>> with all the steps?

>>>>>>>>

 
>>>>>>>>

>>>>>>>>

>>>>>>>> --------------------------------------------------

>>>>>>>> From: "Ritter, Nicholas" <Nicholas.Ritter_at_americantv.com>

>>>>>>>> Sent: Friday, December 12, 2008 1:54 AM

>>>>>>>> To: "RoLaNd RoLaNd" <r_o_l_a_n_d_at_hotmail.com>

>>>>>>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>>>

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>>>hey :) i cant begin to thank you for your help..

>>>>>>>>>

>>>>>>>>> No prob...I know what it is like to want to accomplish
something

>>>>>>>>> and

>>>>>>>>> needing help.

>>>>>>>>>

>>>>>>>>>>>1) i dont think that would make a difference (correct me if
im

>>>>>>>>>>>wrong)

=0
 A>>>>>>>>>>>since the destination would only see my router's public ip!

>>>>>>>>>>>unless if theres something i'm not familiar with please do
advise

>>>>>>>>>>>me

>>>>>>>>>>>whts

>>>>>>>>>>>the best course of action..

>>>>>>>>>

>>>>>>>>> If you are NATing to the Internet, than you are correct and
you

>>>>>>>>> don't

>>>>>>>>> need

>>>>>>>>> client spoofing...which is good because it is easier to do.

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>>>2) Version 12.4(17b), RELEASE SOFTWARE (fc2) Cisco 2811
>>>>>>>>>>>(revision

>>>>>>>>>>>53.51

>>>>>>>>>

>>>>>>>>> Cisco IOS has been buggy at times with the WCCP feature. Make
sure

>>>>>>>>> you

>>>>>>>>>
  are

>>>>>>>>> running something in the T release train. Do you have access
to
>>>>>>>>> the

>>>>>>>>> IOS

>>>>>>>>> downloads on Cisco.com?

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>>>as for the rest, well my squid isnt active, so i dont have a

>>>>>>>>>>>problem

>>>>>>>>>>>installing CENTOS and squid again on on my box if that would
help

>>>>>>>>>>>me

>>>>>>>>>>>reach >>my goal..

>>>>>>>>>>>i never used centos before! i'm only familiar with Ubuntu
and

>>>>>>>>>>>fedora.

>>>>>>>>>>>but

>>>>>>>>>>>i do have one of it's images ( CentOS-5.1-i386-LiveCD )

>>>>>>>>>>>would this do?! i'll format with it and install squid
 on
it..

>>>>>>>>>

>>>>>>>>> Get the netinstall ISO and do a minimal install and I would
say

>>>>>>>>> that

>>>>>>>>> you

>>>>>>>>> could install the squid that comes with the CentOS 5.2
distro, or

>>>>>>>>> we

>>>>>>>>> can

>>>>>>>>> custom build it. After install, do a "yum update"

>>>>>>>>>

>>>>>>>>>>>do u have a specific squid version ud like to advise me with
?!
>>>>>>>>>>>or

>>>>>>>>>>>anything i should do before installign it ?

>>>>>>>>>

>>>>>>>>> The latest 2.6STABLE release is fine.

>>>>>>>>>

>>>>>>>>>

>>>>>>>>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>>>>> Date: Thu, 11 Dec 20
 08 13:37:36 -0600

>>>>>>>>>> From: Nicholas.Ritter_at_americantv.com

>>>>>>>>>> To: r_o_l_a_n_d_at_hotmail.com

>>>>>>>>>>

>>>>>>>>>> Here are a few questions:

>>>>>>>>>>

>>>>>>>>>> 1) Do you want transparent redirection via WCCP with or
without

>>>>>>>>>> the

>>>>>>>>>> remote website seeing the client machine IP?

>>>>>>>>>> 2) What IOS feature set and version/revision are you using
on the

>>>>>>>>>> 2811

>>>>>>>>>> router? (WCCP support is buggy depending on the revision
level.)

>>>>>>>>>> 3) Which version of Squid are you running?

>>>>>>>>>> 4) Which version of Linux kernel are you running?

>>>>>>>>>>

>>>>>>>>>> On you ubuntu box, run "insmod gre" 20then "lsmod" and see if
the

>>>>>>>>>> gre

>>>>>>>>>> module loads, if you get an error, try "insmod ip_gre"
instead.

>>>>>>>>>>

>>>>>>>>>> I can help you more if you are using CentOS 5.2 rather than

>>>>>>>>>> Ubuntu.

>>>>>>>>>> With

>>>>>>>>>> ubuntu, I can't give you all of the specific command lines
with

>>>>>>>>>> arguments, etc.

>>>>>>>>>>

>>>>>>>>>> Nick

>>>>>>>>>>

>>>>>>>>>>

>>>>>>>>>> -----Original Message-----

>>>>>>>>>> From: RoLaNd RoLaNd [mailto:r_o_l_a_n_d_at_hotmail.com]

>>>>>>>>>> Sent: Thu 12/11/2008 1:28 PM

>>>>>>>>>> To: nicholas.ritter_at_americantv.com

>>>>>>>>>> Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

 

>>>>>>>>>>

>>>>>>>>>>

>>>>>>>>>> Hi Nicholas,

>>>>>>>>>>

>>>>>>>>>> thanks for replying so soon...

>>>>>>>>>>

>>>>>>>>>> is there anything specific you'd like to know about my
topology
>>>>>>>>>> in

>>>>>>>>>> order

>>>>>>>>>> for u to help out?!

>>>>>>>>>>

>>>>>>>>>>

>>>>>>>>>>

>>>>>>>>>> > Date: Thu, 11 Dec 2008 13:21:12 -0600

>>>>>>>>>> > From: Nicholas.Ritter_at_americantv.com

>>>>>>>>>> > To: r_o_l_a_n_d_at_hotmail.com; squid-users_at_squid-cache.org

>>>>>>>>>> > Subject: RE: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>>>>> >

>>>>>>>>>> > I can help you out with this as needed.

>>>>>>>>>> >

>>>>>>>>>> > Nick

>>>
>>>>>>> >

>>>>>>>>>> >

>>>>>>>>>> > -----Original Message-----

>>>>>>>>>> > From: RoLaNd RoLaNd [mailto:r_o_l_a_n_d_at_hotmail.com]

>>>>>>>>>> > Sent: Thu 12/11/2008 1:05 PM

>>>>>>>>>> > To: squid-users_at_squid-cache.org

>>>>>>>>>> > Subject: [squid-users] Cisco with WCCP!! newbie here..

>>>>>>>>>> >

>>>>>>>>>> >

>>>>>>>>>> > Hi All,

>>>>>>>>>> >

>>>>>>>>>> > am obviously a newbie here so am seeking an advice if i
may..

>>>>>>>>>> >

>>>>>>>>>> > my current topology is as such:

>>>>>>>>>> >

>>>>>>>>>> > cisco 2811 router---Lan (contains users/squid)

>>>>>>>>>> >

>>>>>>>>>> > Squid is installed on ubuntu.

>>>>>>>>>> > and has one NIC
 with static ip 192.168.0.14/24

>>>>>>>>>> >

>>>>>>>>>> > i've managed to get direct proxy working with minimal
>>>>>>>>>> > settings..

>>>>>>>>>> > but am finding it hard to set it as transparent..

>>>>>>>>>> > i looked around and found at squid-cache that i could use

>>>>>>>>>> > cisco's

>>>>>>>>>> > WCCP

>>>>>>>>>> > prot=

>>>>>>>>>> > ocol...

>>>>>>>>>> > i've checked the config examples but as i'm a newbie i got
a

>>>>>>>>>> > little

>>>>>>>>>> > bit

>>>>>>>>>> > los=

>>>>>>>>>> > t!!!

>>>>>>>>>> >

>>>>>>>>>> > could anyone help out?!

>>>>>>>>>> >

>>>>>>>>>> > any advice would be appreciated:)

>>>>>>>
>>> >

>>>>>>>>>> > thank you in advance..

>>>>>>>>>> >

>>>>>>>>>> > Roland

>>>>>>>>>> >
_________________________________________________________________

>>>>>>>>>> > Connect to the next generation of MSN Messenger

>>>>>>>>>> >
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline

>>>>>>>>>> >

>>>>>>>>>>

>>>>>>>>>>
_________________________________________________________________

>>>>>>>>>> Explore the seven wonders of the world

>>>>>>>>>>
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE

>>>>>>>>>>

>>>>>>>>>

>>>>>>>>>
_________________________________________________________________

>>>>>>>>> News, entertainment and everythin
 g you care about at
Live.com. Get

>>>>>>>>> it

>>>>>>>>> now!

>>>>>>>>> http://www.live.com/getstarted.aspx

>>>>>>>>>

>>>>>>>>>

>>>>>>>>

>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>>

>>>>

>>>>

>>>

>>>

>>

>>

>>

>>

>

>

>

>

________________________________________________________________________
You are invited to Get a Free AOL Email ID. - http://webmail.aol.in
Received on Fri Jan 16 2009 - 17:31:20 MST

This archive was generated by hypermail 2.2.0 : Fri Jan 16 2009 - 12:00:03 MST