I have a similar setup, but I load balance my proxy.
2 ways I would try with iproute2 off the top of my head:
1)
ip rule add from x.x.x.x table out1
ip route add default dev eth1 table out1
where x.x.x.x is the ip of your transparent ip
2) I would do what you did with port 80 just the other way around
have a default route of eth1 and have an "iptables -t mangle -A PREROUTING ! -p tcp --dport 80 -j MARK etc" rule where you mark everything except port 80 through eth0 (check the NOT in the iptables command)
hope this helps
Sew
On 2/8/06, Nataniel Klug <nata@xxxxxxxxxxxx> wrote:
Hello all,
After a long time reading a lot of stuff I am quite confident using LARTC
to route my traffic. I am still working on QoS (by package type and so on)
but it will stay in my studying class for a long time... ;)
So let's go to my question... I mounted a router that makes my connections
through 2 external interfaces.
It's working fine and my default gateway for the entire network behind it
(nated) is the link at interface eth0.
All traffic going to port 80 is marked as 0x1 and I route it to a table
that makes its default route through link2 (eth3).
My problem begins when I try to use transparent proxy (squid) with this
rule:
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
If I make this rule my routing tables begin to scramble all my traffic
and make it go ALL through only 1 link (eth0). Is there any way to use
transparent squid with multiple routing tables and marking packages?
PS.: What is this error "Icmp checksum is wrong"?
Att,
Nataniel Klug
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
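Added example, not part of the original thread: option 2 from the reply above written out as a dry-run shell script, with the web link as the default route and everything except tcp/80 marked onto the other link. The gateway addresses, the LAN interface eth2, the mark 0x2 and table number 100 are assumptions, and NAT on both uplinks is assumed to be configured already.

```shell
#!/bin/sh
# Added example, not from the thread. Interface roles follow option 2;
# gateways, LAN interface, mark and table number are assumed values.
WEB_IF=${WEB_IF:-eth1}              # default route, carries squid's traffic
OTHER_IF=${OTHER_IF:-eth0}          # carries everything that is not tcp/80
LAN_IF=${LAN_IF:-eth2}              # assumed LAN-facing interface
LAN_NET=${LAN_NET:-192.168.0.0/24}
WEB_GW=${WEB_GW:-192.0.2.1}         # placeholder gateway on WEB_IF
OTHER_GW=${OTHER_GW:-198.51.100.1}  # placeholder gateway on OTHER_IF
MARK=${MARK:-0x2}
TABLE=${TABLE:-100}
SQUID_PORT=${SQUID_PORT:-3128}

# Print the commands in the order they have to be applied.
plan() {
    # Main table: default via the web link. Squid's own requests are
    # generated locally, never pass PREROUTING, and so use this route.
    echo "ip route replace default via $WEB_GW dev $WEB_IF"
    # Separate table for marked (non-web) traffic.
    echo "ip route replace default via $OTHER_GW dev $OTHER_IF table $TABLE"
    echo "ip rule add fwmark $MARK table $TABLE"
    # Leave tcp/80 unmarked, then mark everything else from the LAN.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -p tcp --dport 80 -j RETURN"
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -s $LAN_NET -j MARK --set-mark $MARK"
    # REDIRECT is only valid in the nat PREROUTING and OUTPUT chains.
    echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $LAN_NET -p tcp --dport 80 -j REDIRECT --to-ports $SQUID_PORT"
}

# Dry run by default; APPLY=1 executes the plan as root, stopping on error.
if [ "${APPLY:-0}" = 1 ]; then plan | sh -ex; else plan; fi
```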