Hi, I'm using squid to cache all the content from certain domains, such as amazon.com, googlevideo.com, etc. But when using: ebtables -t broute -A BROUTING -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP All the http traffic is routed...and my squid doesn't handle it well, since the ISP in question has a 600Mbps with about 10-12,000 users. So I thought I could develop something like this: ebtables -t broute -A BROUTING -p ipv4 --ip-proto tcp --ip-dport 80 --http-domain '.*googlevideo.com.*' -j redirect --redirect-target DROP And match the regexp --http-domain with the http header on (each) packet the match "--ip-dport 80". This way all the non-cacheable traffic doesn't get routed, it's forwarded along all other traffic, and only the desirable packets are routed to iptables and then squid. What do you guys think? Could this be done? Any thoughts would be appreciated. Cheers, Felipe Damasio -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
