<html><head></head><body><div class="ydpfcdc63c7yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
        <div><br></div><div>Tank you, I see it now.</div><div>It does not help me, I want to have an acl to select traffic (<span>HTTP traffic that comes from client to squid</span>) that have a specific packet mark and then send them out with another mark. like this:</div><div><div><span><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">In iptables-mangle-PREROUTING:  </div></span></div><div><span></span><br></div><span><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">iptables -t mangle -A PREROUTING -p tcp --dport 80  -j MARK --set-mark 1</div><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><span><br></span></div><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><span></span>In Squid Configuration:</div><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">acl MARKED_PACKETS nfmark 1</div><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;">tcp_outgoing_mark 1 MARKED_PACKETS<br></div><div class="ydp23966f0yiv4963861188ydpa86c133byahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><br></div></span><div>Is that possible or not?</div><div>I want this kind of marks because I need to determine source interface of packets after they go out of squid! <br></div></div>
        
        </div><div id="yahoo_quoted_0007347842" class="yahoo_quoted">
            <div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
                
                <div>
                    On Friday, October 12, 2018, 6:37:44 PM GMT+3:30, Antony Stone <Antony.Stone@squid.open.source.it> wrote:
                </div>
                <div><br></div>
                <div><br></div>
                <div><div dir="ltr">On Friday 12 October 2018 at 16:41:44, morteza omidian wrote:<br clear="none"><br clear="none">> HiI asked my question before.It seems that anybody can not answer it!!<br clear="none"><br clear="none">Did you miss the response from Amos?<br clear="none"><br clear="none"><a shape="rect" href="http://lists.squid-cache.org/pipermail/squid-users/2018-October/019389.html" target="_blank">http://lists.squid-cache.org/pipermail/squid-users/2018-October/019389.html</a><div class="yqt8161295153" id="yqtfd64358"><br clear="none"><br clear="none">> As you know, we can mark packets when they go out of squid with<br clear="none">> "tcp_outgoing_mark", this mark is based on Source IP or Source MAC of<br clear="none">> client, but i want to mark them based on mark of input packet, something<br clear="none">> like this: In iptables > mangle > PREROUTING:<br clear="none">> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1<br clear="none">> In Squid Configuration:acl MARKED_PACKETS nfmark 1tcp_outgoing_mark 1<br clear="none">> MARKED_PACKETS<br clear="none">> <br clear="none">> <br clear="none">> Is that possible? How can i solve my problem??<br clear="none">> Tanx</div><br clear="none"><br clear="none">PS: Please do not set "Reply-to" on list emails.<br clear="none"><br clear="none">Thanks,<br clear="none"><br clear="none"><br clear="none">Antony.<br clear="none"><br clear="none">-- <br clear="none">Schrödinger's rule of data integrity: the condition of any backup is unknown <br clear="none">until a restore is attempted.<br clear="none"><br clear="none">                                                   Please reply to the list;<br clear="none">                                                         please *don't* CC me.<br clear="none">_______________________________________________<br clear="none">squid-users mailing list<br clear="none"><a shape="rect" ymailto="mailto:squid-users@lists.squid-cache.org" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br clear="none"><a shape="rect" href="http://lists.squid-cache.org/listinfo/squid-users" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><div class="yqt8161295153" id="yqtfd43839"><br clear="none"></div></div></div>
            </div>
        </div></body></html>