I have configure my L3 switch to redirect the HTTP traffic to squid box:
from squid-wiki:
!
interface Ethernet0
description To Office Ethernet
ip address ROUTERIP 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
ip policy route-map proxy-redir
!
access-list 110 deny tcp host SQUIDIP any eq www
access-list 110 permit tcp any any eq www
route-map proxy-redir permit 10
match ip address 110
set ip next-hop SQUIDIP
but nothing is redirected, so I thought that I can try to change the
access-list above to something like that(and don't change any thing else):
access-list 10 permit 192.168.1.0 0.0.0.255
route-map proxy-redir permit 10
match ip address 10
(192.168.1.0 is the clients Network)
my questions are:
1 - I don't understand the logic of the default access-list,What does it do to
redirect HTTP traffic (why we deny tcp packet from squid?)
and why redirection didn't work?
2- Is my suggestion will work for redirection?
