[squid-users] Squid ACLs by DSCP

ngtech1ltd at gmail.com ngtech1ltd at gmail.com
Wed Jun 22 15:37:33 UTC 2022 

Hey Amos,

I have a set of clients which I want to bump while others I don't want to bump.
I have 10 classes of clients which each and every one of them have a different pre-defined class.
If I can read the TOS hex value of the incoming intercepted connection I can decide in the ACLs 
based on the TOS specific decisions.
Since I am using an external_helper it's pretty easy to change the rules pretty easy without reloading squid.
Currently what I tried is to use couple squid ports and then intercept the traffic based on the DSCP(TOS..) value
to the designated port.

It's a pretty nice combination for my specific use case that I have about 10 pre defined client classes.

Thanks,
Eliezer

----
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd at gmail.com

-----Original Message-----
From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Amos Jeffries
Sent: Wednesday, 22 June 2022 13:08
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Squid ACLs by DSCP

On 19/06/22 06:55, ngtech1ltd wrote:
> Hey,
> 
> I have been marking different clients with DSCP and have managed to 
> redirect traffic to different squid ports based on DSCP.
> 
> I am trying to use a single squid port that will read the DSCP of the 
> connection as an ACL, is this even possible?
> 

The so-called DSCP "field" is a re-mapping of the TOS value.

See this table for the TOS hex values for each DSCP service type: 
<https://linuxreviews.org/Type_of_Service_(ToS)_and_DSCP_Values#The_DSCP_and_The_ToS_Byte_Values>


Squid has a fair amount of support for TOS. So the question is more 
whether Squid TOS directives can do what you want.


I do not understand quite what ACLs have to do with what you are 
wanting. Can you clarify what you are trying to have happen in terms of 
traffic flow?


HTH
Amos
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

More information about the squid-users mailing list