mangle squid packets

marcus <marcus@xxxxxxxxxxxxxx> · Fri, 01 Jul 2005 17:31:17 -0300

Hi, I've managed to work a 3 gateway linux router using this mangle rule
to mark local net incoming packets:

iptables -A PREROUTING -t mangle -s 10.0.0.0/8 -d 0/0 -j MARK --set-mark 3

Works, great. But i cant do the same with squid activated, I'm using
transparent proxy:

iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 80 -j REDIRECT
--to-port 3128

I dont know what mangle rule I need to mark squid transparent packets, I
have tried all the following (One at a time):

        iptables -A PREROUTING -t mangle -s 10.0.0.0/8 -d 0/0 -j MARK
--set-mark 3
        iptables -A PREROUTING -t mangle -s 127.0.0.1 -d 0/0  -j MARK
--set-mark 3
        iptables -A PREROUTING -t mangle -p tcp --dport 80 -j MARK
--set-mark 3
        iptables -A PREROUTING -t mangle -p tcp --dport 3128 -j MARK
--set-mark 3

Any ideas??

Thanks.

-- 
<http://www.lanhelp.com.br> 	Atenciosamente,
Marcus Leandro
Suporte / Consultoria
marcus@xxxxxxxxxxxxxx