Hi All,
I'm trying to get Squid to work as a transparent proxy on Fedora 10.
I've done the following settings with no luck:
- LAN Subnet: 192.168.0.0/24
- Cisco Router: 192.168.0.1
- Linux Proxy : 192.168.0.108
- Fedora 10
- Squid 3.0
- modprobe ip_gre << didn't give any output, thus module exists.
- Disabled firewall, and set default rule to accept all, on both
input/output/forwarding (just to get things started with no hassle)
-set SElinux management to permissive.
------------------added to Squid.conf:------------------
acl MyNet src 192.168.0.0/24
http_access allow MyNet (this is set before the deny all rule)
wccp_router 192.168.0.1
http_port 3128 transparent
------------------connectivity------------------
ip tunnel add wccp0 mode gre remote 192.168.0.1 local 192.168.0.108 dev eth0
ip addr add 192.168.0.108/24 dev wccp0
ip link set wccp0 up
iptables -t nat -A PREROUTING -i wccp0 -j REDIRECT -p tcp --to-port 80 <<--
to direct from GRE to port 80
------------------Cisco 2811 Router:------------------
conf t
ip wccp version 1
ip wccp web-cache
int vlan1 (Interface facing the itnernet)
ip wccp web-cache redirect out
int f0/1 (interface facing my LAN)
ip wccp web-cache redirect out
------------------sh ip wccp gives the following:------------------
Global WCCP information:
Router information:
Router Identifier: X.X.X.X (my router's PUblic IP)
Protocol Version: 1.0
Service Identifier: web-cache
Number of Service Group Clients: 0
Number of Service Group Routers: 1
Total Packets s/w Redirected: 0
Process: 0
Fast: 0
CEF: 0
Redirect access-list: -none-
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
Received on Thu Dec 18 2008 - 14:20:48 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 18 2008 - 12:00:03 MST