*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
1 You need to build a kernel with the following options:
Next, its time to configure the IP firewall rules with ipfw. By default, there are no "allow" rules and all packets are denied. I added these commands to /etc/rc.local just to be able to use the machine on my network:
ipfw add 60000 allow all from any to any
But we're still not hijacking connections. To accomplish that, add these rules:
ipfw add 49 allow tcp from 10.0.3.22 to any
ipfw add 50 fwd 127.0.0.1 tcp from any to any 80
The second line (rule 50) is the one which hijacks the connection. The first line makes sure we never hit rule 50 for traffic originated by the local machine. This prevents forwarding loops.
Note that I am not changing the port number here. That is, port 80 packets are simply diverted to Squid on port 80. My Squid configuration is:
2. FreeBSD-4.8 and later
The operating system now comes standard with some GRE support. You need to make a kernel with the GRE code enabled:
And then configure the tunnel so that the router's GRE packets are accepted:
# ifconfig gre0 create
# ifconfig gre0 $squid_ip $router_ip netmask 255.255.255.255 up
# ifconfig gre0 tunnel $squid_ip $router_ip
# route delete $router_ip
Alternatively, you can try it like this:
ifconfig gre0 create
ifconfig gre0 $squid_ip 10.20.30.40 netmask 255.255.255.255 link1 tunnel $squid_ip $router_ip up
Since the WCCP/GRE tunnel is one-way, Squid never sends any packets to 10.20.30.40 and that particular address doesn't matter.
I have put all the gre tunnel configurations ing a start up script rc.local
When I start squid the cache.log file had the following messages
2004/07/26 18:23:56| Starting Squid Cache version 2.5.STABLE1 for i386-portbld-freebsd5.0...
2004/07/26 18:23:56| Process ID 453
2004/07/26 18:23:56| With 7293 file descriptors available
2004/07/26 18:23:56| Performing DNS Tests...
2004/07/26 18:23:56| Successful DNS name lookup tests...
2004/07/26 18:23:56| DNS Socket created at 0.0.0.0, port 49162, FD 5
2004/07/26 18:23:56| Adding nameserver 188.8.131.52 from /etc/resolv.conf
2004/07/26 18:23:56| Unlinkd pipe opened on FD 10
2004/07/26 18:23:56| Swap maxSize 102400 KB, estimated 7876 objects
2004/07/26 18:23:56| Target number of buckets: 393
2004/07/26 18:23:56| Using 8192 Store buckets
2004/07/26 18:23:56| Max Mem size: 8192 KB
2004/07/26 18:23:56| Max Swap size: 102400 KB
2004/07/26 18:23:56| Rebuilding storage in /usr/local/squid/cache (CLEAN)
2004/07/26 18:23:56| Using Least Load store dir selection
2004/07/26 18:23:56| Current Directory is /usr/local/squid/logs
2004/07/26 18:23:56| Loaded Icons.
2004/07/26 18:24:12| Accepting HTTP connections at 0.0.0.0, port 3128, FD 12.
2004/07/26 18:24:12| Accepting ICP messages at 0.0.0.0, port 3130, FD 13.
2004/07/26 18:24:12| Accepting SNMP messages on port 3401, FD 14.
2004/07/26 18:24:12| Accepting WCCP messages on port 2048, FD 15.
2004/07/26 18:24:12| Ready to serve requests.
2004/07/26 18:24:12| Done reading /usr/local/squid/cache swaplog (98 entries)
2004/07/26 18:24:12| Finished rebuilding storage from disk.
2004/07/26 18:24:12| 98 Entries scanned
2004/07/26 18:24:12| 0 Invalid entries.
2004/07/26 18:24:12| 0 With invalid flags.
2004/07/26 18:24:12| 98 Objects loaded.
2004/07/26 18:24:12| 0 Objects expired.
2004/07/26 18:24:12| 0 Objects cancelled.
2004/07/26 18:24:12| 0 Duplicate URLs purged.
2004/07/26 18:24:12| 0 Swapfile clashes avoided.
2004/07/26 18:24:12| Took 15.8 seconds ( 6.2 objects/sec).
2004/07/26 18:24:12| Beginning Validation Procedure
2004/07/26 18:24:12| Completed Validation Procedure
2004/07/26 18:24:12| Validated 98 Entries
2004/07/26 18:24:12| store_swap_size = 432k
2004/07/26 18:24:14| storeLateRelease: released 0 objects
I need some help