Date: 2 Feb 2003 16:22:05 -0000 From: Faried Nawaz <fn@hungry.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: i386/47813: pseudo-device gre doesn't appear to work with WCCP Message-ID: <20030202162205.406.qmail@homeworld.nilpotent.org>
next in thread | raw e-mail | index | archive | help
>Number: 47813 >Category: i386 >Synopsis: pseudo-device gre doesn't appear to work with WCCP >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Feb 02 09:10:10 PST 2003 >Closed-Date: >Last-Modified: >Originator: Faried Nawaz >Release: FreeBSD 4.7-STABLE i386 >Organization: >Environment: System: FreeBSD homeworld.nilpotent.org 4.7-STABLE FreeBSD 4.7-STABLE #4: Fri Jan 31 21:17:53 PKST 2002 root@homeworld.nilpotent.org:/data-one/obj/data-three/freebsd_src/sys/homeworld i386 >Description: /sys/netinet/ip_gre.c appears to have WCCP support, but it doesn't work. There is a 3rd-party patch available that adds gre support for WCCP that does work. Since I need to use a third-party patch to do something that FreeBSD claims to do, FreeBSD has a bug in its code. >How-To-Repeat: 1. compile a kernel with pseudo-device gre and IPFILTER, install, reboot 2. install squid from ports, configure to enable WCCP 3. configure your (cisco) router to do WCCP 4. configure the gre tunnel, as described in gre(4) 5. configure ipnat on the freebsd box with this in /etc/ipnat.rules: rdr gre0 0.0.0.0/0 port 80 -> free.bsd.ip.address port 80 tcp 6. run ipnat -f /etc/ipnat.rules 7. do tcpdump -npi <ethernet device> proto gre, and see gre traffic 8. run ipnat -l to see client packets redirected 9. do tcpdump -npi gre0, and see web traffic from clients a. do a tail -f on squid's access log and see...nothing. Compare with 1. download the gre patch and gre.c file from http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.11 2. install the patch and gre.c file. needs slight munging 3. compile a kernel as per instructions on that page, install, reboot 4. install squid from ports, configure to enable WCCP 5. configure your router to do WCCP 6. configure ipnat on the freebsd box with this in /etc/ipnat.rules: rdr rl0 0.0.0.0/0 port 80 -> free.bsd.ip.address port 80 tcp (substitute your ethernet interface for rl0) 7. run ipnat -f /etc/ipnat.rules 8. do a tail -f on squid's access logs and see traffic. >Fix: I wish I knew. Perhaps I'm doing the tunnel incorrectly. The man page isn't very helpful in this area. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030202162205.406.qmail>