[squid-users] Squid marking QOS and matching marks with linux iptables problem !
Ahmad Alzaeem
0xff1f at gmail.com
Sat May 23 13:17:07 UTC 2020
Hello Folks , any one in the mailing list can help me on the case ?
Thanks
> On May 21, 2020, at 3:03 AM, Ahmad Alzaeem <0xff1f at gmail.com> wrote:
>
> Hello Folks ,
>
> Im trying to mark outgoing squid request based on Mark linux matching .
>
> I added to squid conf :
>
> qos_flows mark local-hit=0xd7
> qos_flows mark local-miss=0xd7
>
> -A OUTPUT -m mark --mark 0xd7 -j ACCEPT
>
> But on iptables there is no match with the mark 0xd7
>
>
> Im testing marking with squid and matching with iptables but its not matching , always statistics = 0 on linux iptables That mean its not matched .
>
> Squid version is 4.8
> Also squid was complied with '--enable-zph-qos’ flag
>
> So not sure if I need specific config for squid .
>
> Following :
>
> https://wiki.squid-cache.org/Features/QualityOfService
>
> Based on it we need kernel patch for TOS , but I dont need TOS , I just need Layer 3 DSP , Linux mark rule based .
>
>
> i even tried to match traffic by mark and connmark and both did not help .
>
> -A OUTPUT -m mark --mark 0xd7 -j ACCEPT
> -A OUTPUT -m connmark --mark 0xd4 -j ACCEPT
>
>
> So both rules above was not able to pickup squid marking .
>
> Any helping Team on this case ?
>
>
> Thank you
More information about the squid-users
mailing list