[server:~] # cat /etc/pf.conf
rdr on em1 proto tcp from 192.168.X/24 to any port 80 -> 127.0.0.1 port 3128
[server:~] # tail -f /var/log/squid/access.log
root@server:~# iptables -t nat -F PREROUTING root@server:~# iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.X.0/24 --dport 80 -j REDIRECT --to-port 3128
root:~# tail -f /var/log/squid3/access.log
# cat squid.conf
... wccp_router 192.168.X.1 ...
root@server:~# cat /etc/sysctl.conf
... net.ipv4.ip_forward=1 net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.eth0.rp_filter=0 net.ipv4.conf.eth1.rp_filter=0 net.ipv4.conf.wccp0.rp_filter=0 ...
root@server:~# modprobe ip_gre root@server:~# ip tunnel add wccp0 mode gre remote 192.168.X.1 local 192.168.X.10 dev eth1 root@server:~# ip tunnel show root@server:~# ifconfig wccp0 up root@server:~# sysctl -f
root@server:~# iptables -t nat -F root@server:~# iptables -t nat -A PREROUTING -i wccp0 -p tcp -s 192.168.X.0/24 --dport 80 -j DNAT --to-destination 192.168.X.10:3128
root@server:~# iptables -t nat -vL root@server:~# tail -f /var/log/squid3/access.log
[server:~] # ifconfig gre0 create [server:~] # ifconfig gre0 link1 tunnel 192.168.X.10 192.168.X.1 up link1 - тип туннеля (man 4 gre)
[server:~] # cat /etc/pf.conf
rdr on gre0 proto tcp from 192.168.X/24 to any port 80 -> 127.0.0.1 port 3128
[server:~] # pfctl -vs nat rdr on gre0 inet proto tcp from 192.168.X.0/24 to any port = http -> 127.0.0.1 port 3128 [ Evaluations: 134 Packets: 28 Bytes: 10429 States: 2 ] [server:~] # tail -f /var/squid/logs/access.log
ip wccp version 1
ip wccp web-cache redirect-list ACL_REDIRECT_HTTP
interface FastEthernet1/0
no ip policy route-map RM_REDIRECT_HTTP
ip wccp web-cache redirect in
router#show ip wccp web-cache view
WCCP Routers Informed of:
-none-
WCCP Cache Engines Visible:
192.168.X.10
WCCP Cache Engines NOT Visible:
-none-
Остановка прокси не должна сказываться на работе пользователей