jinyedge's note

jinyedge's note
{http://www.jinyedge.pe.kr}

Hi, this is jinyedge. I'm a software developer. I hope you can find some useful information in my homepage.

jinyedge at gmail.com
Since 2001.12.05

Subj Cont

Subj: Freebsd, Squid transparent proxy with wccp v2.

Mtime: 2010-01-11 20:50:15

----------------------------------------------------------- 1. kernel compile options device gre options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD ----------------------------------------------------------- 2. rc.conf firewall_enable="YES" firewall_type="open" natd_enable="YES" natd_interface="le0" ----------------------------------------------------------- 3. ifconfig and ipfw 192.168.10.136 -> squid 192.168.10.199 -> router freecat# ifconfig gre0 create freecat# ifconfig gre0 192.168.10.136 10.20.30.40 netmask 255.255.255.255 link2 tunnel 192.168.10.136 192.168.10.199 up freecat# ipfw -f flush freecat# ipfw add fwd 127.0.0.1,80 tcp from any to any recv gre0 ----------------------------------------------------------- 4. squid.conf http_port 127.0.0.1:3128 transparent wccp2_router 192.168.10.199 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_service standard 0 ----------------------------------------------------------- 5. router setup router# config t router(config)# ip wccp version 2 router(config)# ip wccp web-cache redirect-list 110 router(config)# access-list 110 permit ip any any router(config)# interface FastEthernet 0/0 router(config-if)# ip wccp web-cache redirect out

-----------------------------------------------------------
1. kernel compile options

device gre
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_FORWARD


-----------------------------------------------------------
2. rc.conf

firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="le0"


-----------------------------------------------------------
3. ifconfig and ipfw

192.168.10.136 -> squid
192.168.10.199 -> router

freecat# ifconfig gre0 create
freecat# ifconfig gre0 192.168.10.136 10.20.30.40 netmask 255.255.255.255 link2 tunnel 192.168.10.136 192.168.10.199 up

freecat# ipfw -f flush
freecat# ipfw add fwd 127.0.0.1,80 tcp from any to any recv gre0


-----------------------------------------------------------
4. squid.conf

http_port 127.0.0.1:3128 transparent

wccp2_router 192.168.10.199
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0


-----------------------------------------------------------
5. router setup

router# config t
router(config)# ip wccp version 2
router(config)# ip wccp web-cache redirect-list 110
router(config)# access-list 110 permit ip any any
router(config)# interface FastEthernet 0/0
router(config-if)# ip wccp web-cache redirect out