I'm using one line on eth2 only for web traffic; eth1 is my internal line and eth0 is my main line to the Internet.

I'm marking packets like this (I have the default route on eth0):

iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j MARK --set-mark 66
iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 80 -j MARK --set-mark 66
iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 3128 -j MARK --set-mark 66
iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 3128 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --sport 80 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --dport 80 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --sport 3128 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --dport 3128 -j MARK --set-mark 66
iptables -t nat -A POSTROUTING -o eth2 -p tcp --dport 80 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth2 -p tcp --dport 3128 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j MASQUERADE

I also have:

/sbin/ip route add 192.168.0.0/24 dev eth1 table natips
/sbin/ip route add 127.0.0.0/8 dev lo scope link table natips
/sbin/ip route add default via 217.10.248.1 dev eth2 table natips
/sbin/ip route flush cache
/sbin/ip rule add fwmark 66 table natips

Squid is running on 192.168.0.1:3128.

Without Squid it's working; I'm using the second line for web traffic. With Squid it's not working.

Can anybody help me?

Thanks in advance.