It's Solved

Stanislav Nedelchev wrote:
> I'm using one line on eth2 only for web traffic.
> eth1 is my internal line and eth0 is my main line to the internet.
> I'm marking packets like this:
>
> I have the default route on eth0.
>
> iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j MARK --set-mark 66
> iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 80 -j MARK --set-mark 66
> iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 3128 -j MARK --set-mark 66
> iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 3128 -j MARK --set-mark 66
>
> iptables -t mangle -A FORWARD -p tcp --sport 80 -j MARK --set-mark 66
> iptables -t mangle -A FORWARD -p tcp --dport 80 -j MARK --set-mark 66
> iptables -t mangle -A FORWARD -p tcp --sport 3128 -j MARK --set-mark 66
> iptables -t mangle -A FORWARD -p tcp --dport 3128 -j MARK --set-mark 66
>
> iptables -t nat -A POSTROUTING -o eth2 -p tcp --dport 80 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j MASQUERADE
> iptables -t nat -A POSTROUTING -o eth2 -p tcp --dport 3128 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j MASQUERADE
>
> I also have:
> /sbin/ip route add 192.168.0.0/24 dev eth1 table natips
> /sbin/ip route add 127.0.0.0/8 dev lo scope link table natips
> /sbin/ip route add default via 217.10.248.1 dev eth2 table natips
> /sbin/ip route flush cache
> /sbin/ip rule add fwmark 66 table natips
>
> squid is running on 192.168.0.1:3128
>
> Without squid it's working; I'm using the second line for web traffic.
> With squid it's not working.
>
> Can anybody help me?
>
> Thanks in advance.
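Added example, not part of the original thread (the post does not say what the fix was): a small model of which mangle chain the `fwmark` routing rule can see for a forwarded client packet versus a packet generated on the router itself, such as squid's outbound requests. The mangle rules are the ones from the post; the packets, the ports 40000/40001 and the extra OUTPUT rule are constructed for illustration, and NAT and source-address selection are not modelled.

```python
# Mangle rules copied from the post (wrapped lines rejoined).
POSTED = """\
iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j MARK --set-mark 66
iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 80 -j MARK --set-mark 66
iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 3128 -j MARK --set-mark 66
iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 3128 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --sport 80 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --dport 80 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --sport 3128 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -p tcp --dport 3128 -j MARK --set-mark 66
"""
# Hypothetical extra rule (an assumption, not from the post): mark local traffic too.
EXTRA = "iptables -t mangle -A OUTPUT -p tcp --dport 80 -j MARK --set-mark 66\n"

# The only mangle chain whose mark the routing lookup sees, per traffic kind.
# FORWARD runs after the route has been chosen, so its marks cannot change it.
ROUTING_CHAIN = {"forwarded": "PREROUTING", "local_out": "OUTPUT"}
FIELDS = {"-i": "in_if", "--sport": "sport", "--dport": "dport"}

def parse(line):
    tok = line.split()
    get = lambda flag: tok[tok.index(flag) + 1] if flag in tok else None
    return {"chain": get("-A"), "mark": int(get("--set-mark")),
            "match": {name: get(flag) for flag, name in FIELDS.items() if flag in tok}}

def routing_mark(pkt, kind, rules):
    """Return the fwmark visible to the routing decision, or None if unmarked."""
    mark = None
    for rule in map(parse, rules.strip().splitlines()):
        if rule["chain"] == ROUTING_CHAIN[kind] and all(
                str(pkt.get(k)) == v for k, v in rule["match"].items()):
            mark = rule["mark"]  # MARK does not end traversal; the last match wins
    return mark

def table_for(mark):
    # Mirrors "ip rule add fwmark 66 table natips"; everything else uses main.
    return "natips" if mark == 66 else "main"

# Constructed packets: a LAN client browsing directly, and squid fetching a page.
CLIENT = {"in_if": "eth1", "sport": 40000, "dport": 80}
SQUID = {"sport": 40001, "dport": 80}  # locally generated: no input interface

if __name__ == "__main__":
    for name, pkt, kind, rules in [
            ("client, posted rules", CLIENT, "forwarded", POSTED),
            ("squid, posted rules", SQUID, "local_out", POSTED),
            ("squid, with OUTPUT rule", SQUID, "local_out", POSTED + EXTRA)]:
        print(f"{name}: table {table_for(routing_mark(pkt, kind, rules))}")
```

On a live router, `iptables -t mangle -L -v -n` shows per-rule packet counters, which confirms which chains the proxy's traffic actually hits.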