Im kind of confused as to where I need to mark packets with my setup. I have a linux router serving an internal subnet (eth1) whose http/https traffic goes through a squid proxy on the same box. Can someone tell me where I would need to insert marking rules so that all packets get properly filtered, whether sourced from the internal subnet or the local server? Also, are there any restrictions on what values are used for marking? (ie, do they have to be powers of 2 or anything?). Thanks, Jay
