headers
Faried Nawaz | 2 Feb 2003 00:49

pseudo-device gre and wccp/squid

Hello,

Is anyone using the gre pseudo-device with squid for WCCP?  Try as I might
I can't get it to work for me.

I'm using FreeBSD 4.7-STABLE, using ipfilter's ipnat to redirect packets.
I've done

ifconfig gre0 create
ifconfig gre0 aaa.bbb.ccc.ddd fff.ggg.hhh.iii netmask 255.255.255.255 link0 up
ifconfig gre0 tunnel aaa.bbb.ccc.ddd fff.ggg.hhh.iii 

aaa.bbb.ccc.ddd is the web proxy's ip, fff.ggg.hhh.iii is the router's.

ipnat.rules has

rdr gre0 0.0.0.0/0 port 80 aaa.bbb.ccc.ddd port 8080 tcp

ipfilter is set to pass through all traffic, and there are no firewall rules
defined.

tcpdump on my ethernet interface shows gre packets coming in.

04:07:39.093205 fff.ggg.hhh.iii > aaa.bbb.ccc.ddd: gre gre-proto-0x883E

tcpdump on my gre0 interface shows incoming connections from the users, and
ipnat -l shows lots of redirects.

proxy1# ipnat -l | head
List of active MAP/Redirect filters:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Gokhan ERYOL | 2 Feb 2003 13:43

Re: pseudo-device gre and wccp/squid

Actually, since  "A gre(4) driver, which can encapsulate IP packets 
using GRE (RFC 1701) or minimal IP encapsulation for Mobile IP (RFC 
2004), has been added", WCCP over GRE has not been working on FreeBSD 
Stable systems, because there is no WCCP support in new GRE driver. I 
tried the same things as you did. I e-mailed this situation several 
times to lists since 12/11/2002, but there is no action.

Henrik Nordstom from squid-cache.org, said that adding WCCP support to 
an existing GRE module is in most cases trivial as the packet format is 
identical to plain IP over GRE except for the protocol type, and that 
GRE is only used in one direction (Router -> Proxy) not as a 
bidirectional tunnel.

Regards
Gokhan ERYOL

Faried Nawaz wrote:

>Hello,
>
>Is anyone using the gre pseudo-device with squid for WCCP?  Try as I might
>I can't get it to work for me.
>
>I'm using FreeBSD 4.7-STABLE, using ipfilter's ipnat to redirect packets.
>I've done
>
>ifconfig gre0 create
>ifconfig gre0 aaa.bbb.ccc.ddd fff.ggg.hhh.iii netmask 255.255.255.255 link0 up
>ifconfig gre0 tunnel aaa.bbb.ccc.ddd fff.ggg.hhh.iii 
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Ralph Forsythe | 2 Feb 2003 20:34

Rocketport serial card - help!

I'm trying to get a Rocketport 550 PCI card to work under FreeBSD 4.7.  I 
was under the impression it was supported by the OS, but I cannot get it to 
be recognized.

I have 'device  rp' in the kernel, recompiled and installed.  Has anyone 
made one of these work that could offer some suggestions?

Thanks!
- Ralph

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Permalink | Reply | 0 comments |
headers
Alexandr Listopad | 3 Feb 2003 11:34
Picon

Question about ppp.secret

 hi!

 I use ppp with great pleaseure already few years, but I see it has a
 problem with ``set proctitle "HISADDR"'' in ppp.conf.

 My users are stored in ppp.secret like 

	user	*	IP

 But /usr/bin/w or ps show me wrong ip for some users, ie:

15:22:41 root <at>  $ w tcza
15:22  up 10 days, 19:30, 11 users, load averages: 1,09 1,09 0,75
USER             TTY      FROM              LOGIN <at>   IDLE WHAT
tcza            d6       31200            12:05       - ppp: 192.168.1.130 (pp
15:22:49 root <at>  $ grep tcza /etc/ppp/ppp.secret
tcza   *       192.168.2.126
15:22:56 root <at>  $ ps -t d6
  PID  TT  STAT      TIME COMMAND
 6569  d6  Ss+    0:02,30 ppp: 192.168.1.130 (ppp)
15:23:19 root <at>  $ ifconfig |grep -1 6569
        inet 192.168.0.1 --> 192.168.2.126 netmask 0xffffffff
        Opened by PID 6569
tun4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
15:23:32 root <at>  $

Please, help me to fix this problem.

--

-- 
 Laa
(Continue reading)

Permalink | Reply | 0 comments |
headers
Carlos L.M. | 3 Feb 2003 12:03
Picon
Picon
Favicon

Mail server migration

Hi all,

  We have got an email server with SuSE/Linux, postfix
and uw-imapd server. We need to migrate this server to
FreeBSD with OpenLDAP, courier and postfix. How can I
do without loose a lot of mails ?? Where I can find
documentation about this??

Thank you very much and sorry for my bad english.

___________________________________________________
Yahoo! Móviles
Personaliza tu móvil con tu logo y melodía favorito 
en http://moviles.yahoo.es

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Permalink | Reply | 0 comments |
headers
Maxim Sobolev | 4 Feb 2003 11:04
Favicon

Re: Fwd: pseudo-device gre and wccp/squid

Hi,

It works here like a charm, but with ipfw(8), not ipfilter(8), so that
it might be where the problem is. The setup is as follows:

/etc/rc.firewall:
	[...]
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.0/28 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.16/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.28/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.32/29 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.48/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.52/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.68/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.72/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.76/30 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.80/29 to any 80
via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.100/30 to any
80 via gre0 in
        ${fwcmd} add fwd 127.0.0.1,3128 tcp from A.B.C.160/29 to any
(Continue reading)

Permalink | Reply | 0 comments |
headers
Scott Pilz | 4 Feb 2003 19:20

MPD & Cisco


	By chance, any idea if MPD can be used to VPN a Cisco PIX or Cisco
Router using DES3 encryption?

	Thanks,

	Scott

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Permalink | Reply | 1 comment |
headers
Frans ter Borg | 4 Feb 2003 20:46

Re: MPD & Cisco

On Tue, 4 Feb 2003, Scott Pilz wrote:

> 	By chance, any idea if MPD can be used to VPN a Cisco PIX or Cisco
> Router using DES3 encryption?

Racoon can do this (which doesn't really answer your question, I know).

I'd like to test it with mpd, but won't have a non-production PIX
available for this for a few weeks.

If you're interested in an example config for racoon, let me know.

Frans

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Permalink | Reply | 0 comments |
headers
Mark Johnston | 4 Feb 2003 21:46
Picon

DUMMYNET/IPFW/IPFILTER system requirements poll

Hi folks,

I'm looking at deploying a DUMMYNET/IPFW box to shape and filter
customer traffic, and I'm hoping to get an idea of what kind of
hardware is called for.  Is there anyone running any combination of
the firewalls/dummynet on 5mb+ of traffic that can provide their basic
system specs?  I'm mostly hoping to know roughly how many mbits you're
running on with what kind of processor and RAM, about how many
rules or pipes you have, and how loaded the system generally is.

Please send your replies directly to me and I'll summarize for the
list.  If you don't want me to mention your name/company in the summary,
please note that in your reply.

Thanks to any that can help out,

-Mark

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Permalink | Reply | 0 comments |
headers
Anton Blajev | 5 Feb 2003 19:03

Problem with smbd....

Hello group,
I have a "server" that is running bind, apache(Perl+PHP+FastCGI), mysql,
half life server and a samba server.
The pc is Athlon at 1.5 GHz with 512MB RAM, 2x80G hard drives(ATA 100,
7200).
There are 3 LAN  adaptors that are conected to the Machine and they are used
like this
xl0 -> real ips
xl1 -> Int. network (192.168.100.0)
xl2 -> Int. Network (192.168.0.0)

I've made samba binded only to xl1 and xl2.
The big problem is that when 10 or more users starts watching a movie
directly fromthe samba server, it starts slowing the movie....
systat -v shows that smbd is taking very little part of the system
resources, the hard drive loads are bigger than usual, but  I think it's ok.
Can you help...
any ideas?!?
Please Help!!
Ah the other problem is that I've never got IPX realy between xl1 and xl2
woking.
I have IPX compiled into the kernel and IPXRouted running but it simply
doesn't relay the IPX Doom game....
I dunno why.. Why this is happening?

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Permalink | Reply | 1 comment |

Gmane