Discussion:
[squid-users] Netfilter Mark
morteza omidian
2018-10-08 07:22:44 UTC
Permalink
HiIs it possible to create an acl based on netfilter mark in squid??for example:acl My_client NFMARK 0x1tcp_outgoing_mark 0x1 My_client
I want to keep clients packets mark after packets go out to the server!
tanx
Amos Jeffries
2018-10-08 08:03:16 UTC
Permalink
Post by morteza omidian
Hi
Is it possible to create an acl based on netfilter mark in squid??
acl My_client NFMARK 0x1
tcp_outgoing_mark 0x1 My_client
I want to keep clients packets mark after packets go out to the server!
What you are looking for is the "clientside_mark" ACL type, added in
Squid-4.

However, please be aware that not all traffic leaving Squid has a client
TCP connection. Also that HTTP itself is both multiplexed and pipelined.
So TCP packets on a server connection may contain HTTP messages
servicing multiple clients simultaneously.

Amos

Loading...