From owner-freebsd-isp@FreeBSD.ORG Mon Apr 28 00:12:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7DA3737B401 for ; Mon, 28 Apr 2003 00:12:21 -0700 (PDT) Received: from backup.dagupan.com (mailserver.dagupan.com [202.91.161.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4BB6043F75 for ; Mon, 28 Apr 2003 00:12:16 -0700 (PDT) (envelope-from francisv@dagupan.com) Received: by mailserver.dagupan.com with Internet Mail Service (5.5.2656.59) id ; Mon, 28 Apr 2003 14:26:25 +0800 Message-ID: <10F29E27A956D511B0940050DA8D86A9084CB4@mailserver.dagupan.com> From: francisv@dagupan.com To: freebsd-isp@FreeBSD.ORG Date: Mon, 28 Apr 2003 14:26:25 +0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2656.59) Content-Type: text/plain Subject: Ipnat and WCCPv2 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Apr 2003 07:12:21 -0000 Hi all, I'm running transparent proxying using WCCPv2 and OOPS on a FreeBSD 4.8-STABLE machine. The kernel patched to make it see WCCPv2 traffic (GRE) from the router (Cisco 7200) and compiled with IPFILTER option enabled. I can see GRE packets coming from the router: tcpdump -x -n ip proto 47 tcpdump: listening on xl0 14:14:45.365136 202.91.161.253 > 202.91.161.251: gre gre-proto-0x883E 4500 0044 2221 0000 ff2f c0b9 ca5b a1fd ca5b a1fb 0000 883e 0000 00fb 4500 0028 02fc 4000 7e06 71fa ca5b ae03 4007 cf73 11a5 0050 6f9f 97c2 1cf5 9495 5010 faf0 6228 0000 14:14:45.463502 202.138.131.38 > 202.91.161.251: gre gre-proto-0x883E 4500 0044 0d21 0000 fe2f f561 ca8a 8326 ca5b a1fb 0000 883e 0000 0026 4500 0028 a92b 4000 7e06 2d1f ca5b a10c d888 e294 5259 0050 00b4 b852 6266 041a 5010 2238 f4e6 0000 [... and more] On the router, I know the packets are being redirected: IP Address: 202.91.161.251 Protocol Version: 2.0 State: Usable Initial Hash Info: 00000000000000000000000000000000 00000000000000000000000000000000 Assigned Hash Info: 24924924924924924924924924924924 92492492492492492492492492492492 Hash Allotment: 85 (33.20%) Packets Redirected: 9502 Connect Time: 00:16:47 However, I could not see any redirection happening at all (using ipnat -l): List of active MAP/Redirect filters: rdr xl0 0.0.0.0/0 port 80 -> 202.91.161.251 port 8080 tcp List of active sessions: However, I also have 2 other machines running FreeBSD 4.7-STABLE using the same WCCP patch and proxy application (OOPS) that can see redirected packets from the router. What could be the problem? --- francis a. vidal [bitstop network services] | http://www.bnshosting.net streaming media + web hosting | http://www.bitstop.ph v(02)330-2871,(02)330-2872; f(02)330-2873 | http://www.kuro.ph