The iptables packet mark (mark/fwmark) is to my knowledge not available
to TCP/IP applications like Squid, only to packet related code within
the kernel such as iptables, routing etc..
What you can do is to set use multiple http_port directives in Squid,
and have iptables send the traffic to different Squid ports depending on
the criterias. You can then differentiate the traffic by the "myport"
acl. May collide with transparent proxying however as Squid-2.5 and
earlier does not differentiate between "myport" and "intended
destination port" for transparently proxied requests..
Regards
Henrik
mån 2003-02-24 klockan 11.44 skrev JSF:
> Hi folks,
>
> I'm using iptables to mark incomming packages at the mangle table, depending
> on the service I would like to offer to the users. My problem is that I'm
> using squid for web proxy traffic, and I would like to create acl rules for
> allowing determinate web pages access depending on the user packages mark.
> Does anybody know how to do it?
>
> That's all, thanks a million.
>
> Jorge S.F.
-- Henrik Nordstrom <hno@squid-cache.org> MARA Systems AB, SwedenReceived on Mon Feb 24 2003 - 07:10:04 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:34 MST