From owner-freebsd-bugs Sun Feb 2 9:10:16 2003 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8833A37B401 for ; Sun, 2 Feb 2003 09:10:13 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5245043FAF for ; Sun, 2 Feb 2003 09:10:11 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id h12HABNS086126 for ; Sun, 2 Feb 2003 09:10:11 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id h12HABl0086125; Sun, 2 Feb 2003 09:10:11 -0800 (PST) Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CBB737B401 for ; Sun, 2 Feb 2003 09:09:03 -0800 (PST) Received: from loops.nilpotent.org (loops.nilpotent.org [12.17.163.70]) by mx1.FreeBSD.org (Postfix) with SMTP id D766A43F43 for ; Sun, 2 Feb 2003 09:09:02 -0800 (PST) (envelope-from silence@nilpotent.org) Received: (qmail 84777 invoked from network); 2 Feb 2003 17:08:55 -0000 Received: from unknown (203.215.176.26) by loops.nilpotent.org with QMTP; 2 Feb 2003 17:08:55 -0000 Received: (qmail 407 invoked by uid 500); 2 Feb 2003 16:22:06 -0000 Message-Id: <20030202162205.406.qmail@homeworld.nilpotent.org> Date: 2 Feb 2003 16:22:05 -0000 From: Faried Nawaz Reply-To: Faried Nawaz To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: i386/47813: pseudo-device gre doesn't appear to work with WCCP Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 47813 >Category: i386 >Synopsis: pseudo-device gre doesn't appear to work with WCCP >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Feb 02 09:10:10 PST 2003 >Closed-Date: >Last-Modified: >Originator: Faried Nawaz >Release: FreeBSD 4.7-STABLE i386 >Organization: >Environment: System: FreeBSD homeworld.nilpotent.org 4.7-STABLE FreeBSD 4.7-STABLE #4: Fri Jan 31 21:17:53 PKST 2002 root@homeworld.nilpotent.org:/data-one/obj/data-three/freebsd_src/sys/homeworld i386 >Description: /sys/netinet/ip_gre.c appears to have WCCP support, but it doesn't work. There is a 3rd-party patch available that adds gre support for WCCP that does work. Since I need to use a third-party patch to do something that FreeBSD claims to do, FreeBSD has a bug in its code. >How-To-Repeat: 1. compile a kernel with pseudo-device gre and IPFILTER, install, reboot 2. install squid from ports, configure to enable WCCP 3. configure your (cisco) router to do WCCP 4. configure the gre tunnel, as described in gre(4) 5. configure ipnat on the freebsd box with this in /etc/ipnat.rules: rdr gre0 0.0.0.0/0 port 80 -> free.bsd.ip.address port 80 tcp 6. run ipnat -f /etc/ipnat.rules 7. do tcpdump -npi proto gre, and see gre traffic 8. run ipnat -l to see client packets redirected 9. do tcpdump -npi gre0, and see web traffic from clients a. do a tail -f on squid's access log and see...nothing. Compare with 1. download the gre patch and gre.c file from http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.11 2. install the patch and gre.c file. needs slight munging 3. compile a kernel as per instructions on that page, install, reboot 4. install squid from ports, configure to enable WCCP 5. configure your router to do WCCP 6. configure ipnat on the freebsd box with this in /etc/ipnat.rules: rdr rl0 0.0.0.0/0 port 80 -> free.bsd.ip.address port 80 tcp (substitute your ethernet interface for rl0) 7. run ipnat -f /etc/ipnat.rules 8. do a tail -f on squid's access logs and see traffic. >Fix: I wish I knew. Perhaps I'm doing the tunnel incorrectly. The man page isn't very helpful in this area. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message