> Indeed, I use transparent proxy, redirecting everything on port 80 to
> 3128, on the same machine. To make sure it's clear, the scenario is
> simple: client enters eth1 on port 80, gets redirected to port 3128...
> I mark the packet depending on its source and than I apply a tc filter
> to direct it to the right tc class.
>
> In this case how should I mark the packets in order to be able to aply
> filters by handle?
If you mark packets when they enter eth1 and they are redirected to squid, the
mark is lost and can't be used to filter with tc when they leave the box
again.
Hi,
A solution to filter tcp packets by source address after packets go through squid could be to let squid mark the packets, for example, with the DSCP mark:
acl asdrubal src 192.168.1.2 tcp_outgoing_dscp 0xb8 asdrubal
At the QoS egress, packets would be put in the wright traffic classes using dsmark.
Does this makes any sense? I am currently doing that, though I am still looking for a more generic approach ...
Regards, Joana Urbano
