Revision: 14286
Author: adrian.chadd
Date: Thu Aug 20 21:08:09 2009
Log: Edited wiki page through web user interface.
http://code.google.com/p/lusca-cache/source/detail?r=14286
Modified:
/wiki/ExampleTproxy4Linux.wiki
=======================================
--- /wiki/ExampleTproxy4Linux.wiki Thu Aug 20 21:05:22 2009
+++ /wiki/ExampleTproxy4Linux.wiki Thu Aug 20 21:08:09 2009
@@ -1,4 +1,5 @@
#summary A basic WCCPv2, TPROXY-4, Linux example setup
+#labels Configuration-Example
= Introduction =
@@ -19,10 +20,13 @@
Note that the proxy servers live on a separate VLAN to the clients and
internet - this way the Cisco can redirect traffic as appropriate to and
from the proxy.
+Redirection is done via L2 redirect, not GRE. The assignment method
is "mask", not hash.
+
= Details =
== Cisco Config ==
+{{{
ip wccp 80 redirect-list IP_WCCP_REDIRECT_INT
ip wccp 90 redirect-list IP_WCCP_REDIRECT_EXT
!
@@ -42,8 +46,28 @@
ip access-list extended IP_WCCP_REDIRECT_INT
permit ip 192.168.10.0 0.0.0.255 any
!
+}}}
== Linux Config ==
+
+=== /root/tproxy.sh ===
+{{{
+#!/bin/sh
+
+IPTABLES=/sbin/iptables
+${IPTABLES} -v -t mangle -N DIVERT
+${IPTABLES} -v -t mangle -A DIVERT -j MARK --set-mark 1
+${IPTABLES} -v -t mangle -A DIVERT -j ACCEPT
+
+${IPTABLES} -v -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
+${IPTABLES} -v -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3129
+
+ip rule add fwmark lookup 100
+ipfw route add local 0.0.0.0/0 dev lo table 100
+
+sysctl net.ipv4.ip_nonlocal_bind=1
+sysctl net.ipv4.ip_forward=1
+}}}
== Lusca Config ==
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"lusca-commit" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/lusca-commit?hl=en
-~----------~----~----~----~------~----~------~--~---
