[squid-users] squid and iptables
morteza omidian
morteza1131 at yahoo.com
Fri Oct 12 16:13:06 UTC 2018
Tank you, I see it now.It does not help me, I want to have an acl to select traffic (HTTP traffic that comes from client to squid) that have a specific packet mark and then send them out with another mark. like this:In iptables-mangle-PREROUTING:
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1
In Squid Configuration:acl MARKED_PACKETS nfmark 1tcp_outgoing_mark 1 MARKED_PACKETS
Is that possible or not?I want this kind of marks because I need to determine source interface of packets after they go out of squid!
On Friday, October 12, 2018, 6:37:44 PM GMT+3:30, Antony Stone <Antony.Stone at squid.open.source.it> wrote:
On Friday 12 October 2018 at 16:41:44, morteza omidian wrote:
> HiI asked my question before.It seems that anybody can not answer it!!
Did you miss the response from Amos?
http://lists.squid-cache.org/pipermail/squid-users/2018-October/019389.html
> As you know, we can mark packets when they go out of squid with
> "tcp_outgoing_mark", this mark is based on Source IP or Source MAC of
> client, but i want to mark them based on mark of input packet, something
> like this: In iptables > mangle > PREROUTING:
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1
> In Squid Configuration:acl MARKED_PACKETS nfmark 1tcp_outgoing_mark 1
> MARKED_PACKETS
>
>
> Is that possible? How can i solve my problem??
> Tanx
PS: Please do not set "Reply-to" on list emails.
Thanks,
Antony.
--
Schrödinger's rule of data integrity: the condition of any backup is unknown
until a restore is attempted.
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20181012/19470e4b/attachment.html>
More information about the squid-users
mailing list