[squid-users] Squid marking QOS and matching marks with linux iptables problem !
Ahmad Alzaeem
0xff1f at gmail.com
Thu May 21 00:03:02 UTC 2020
Hello Folks ,
Im trying to mark outgoing squid request based on Mark linux matching .
I added to squid conf :
qos_flows mark local-hit=0xd7
qos_flows mark local-miss=0xd7
-A OUTPUT -m mark --mark 0xd7 -j ACCEPT
But on iptables there is no match with the mark 0xd7
Im testing marking with squid and matching with iptables but its not matching , always statistics = 0 on linux iptables That mean its not matched .
Squid version is 4.8
Also squid was complied with '--enable-zph-qos’ flag
So not sure if I need specific config for squid .
Following :
https://wiki.squid-cache.org/Features/QualityOfService
Based on it we need kernel patch for TOS , but I dont need TOS , I just need Layer 3 DSP , Linux mark rule based .
i even tried to match traffic by mark and connmark and both did not help .
-A OUTPUT -m mark --mark 0xd7 -j ACCEPT
-A OUTPUT -m connmark --mark 0xd4 -j ACCEPT
So both rules above was not able to pickup squid marking .
Any helping Team on this case ?
Thank you
More information about the squid-users
mailing list