Kashif Ali Bukhari, on 07/07/2006 06:58 PM [GMT+500], wrote :
> #hotmail
> iptables -A PREROUTING -i eth0 -t mangle -p tcp -d 65.52.0.0/14 --dport 80 -j RETURN
> iptables -A PREROUTING -i eth0 -t mangle -p tcp -d 207.46.0.0/16 --dport 80 -j RETURN
> #yahoo
> iptables -A PREROUTING -i eth0 -t mangle -p tcp -d 206.190.32.0/19 --dport 80 -j RETURN
> #
> # Bypassing waridtel.com from cache/proxy servers
> iptables -A PREROUTING -t mangle -i eth0 -p tcp -d 203.124.26.20 -j RETURN
> #
>
>
> On 7/6/06, Askar Ali <askarali@xxxxxxxxx> wrote:
>> Hi list,
>>
>> we are redirecting port 80 traffic from our firewall to our proxy/cache
>> servers with iptables + iproute2, i.e.
>> #ip rule add fwmark 9 table cache.out
>> #ip route add default via xxx.xxx.xx.xx dev eth0 table cache.out
>> #ip route flush cache
>>
>> iptables -A PREROUTING -i eth0 -t mangle -s xxx.xxx.xx.0/24 -p tcp --dport 80 -j MARK --set-mark 9
>>
>> Everything is working fine; now the question is how to -j Return yahoo
>> mail and hotmail traffic from going to the proxy servers so that yahoo mail
>> and hotmail see the original IP of the client, not the IP of the squid server.
>>
>> yahoo mail and hotmail resolve to multiple IPs; if I add a -J Return rule
>> before or after the above rule it's not working, say...
>>
>> iptables -A PREROUTING -i eth0 -t mangle -s xxx.xxx.xx.0/24 -d mail.yahoo.com -p tcp --dport 80 -j MARK --set-mark 9
>>
>> Any help in this regard will be greatly appreciated.
>>
>> Regards,
>>
>>
>
>
Kashif thanks I very much appreciate it. :)

Regards,
Askar
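An added example, not part of the thread: a shell function that emits the mangle table in `iptables-restore` format, so the bypass rules from the reply always sit ahead of the MARK rule from the question. It refuses hostnames, which iptables would resolve only once when the rule is loaded. The function names and the 192.0.2.0/24 client subnet (standing in for the masked one) are assumptions.

```shell
#!/bin/sh
# Added example. gen_mangle and is_cidr are hypothetical helper names.

# is_cidr ADDR: accept only a dotted-quad IPv4 address with optional /prefix.
# A hostname such as mail.yahoo.com is rejected: iptables resolves names once,
# at load time, so the rule would miss addresses the name later resolves to.
is_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# gen_mangle IFACE LAN MARK BYPASS_NET...
# Prints a complete mangle table; nothing is printed if any input is invalid.
gen_mangle() {
    iface=$1 lan=$2 mark=$3
    shift 3
    for net in "$lan" "$@"; do
        is_cidr "$net" || { echo "not an IPv4 address/CIDR: $net" >&2; return 1; }
    done
    echo '*mangle'
    for chain in PREROUTING INPUT FORWARD OUTPUT POSTROUTING; do
        echo ":$chain ACCEPT [0:0]"
    done
    # Bypass rules first. RETURN in a built-in chain stops traversal and
    # applies the chain policy (ACCEPT), so the packet leaves PREROUTING
    # without a mark and follows the main routing table to its destination.
    for net in "$@"; do
        echo "-A PREROUTING -i $iface -p tcp -d $net --dport 80 -j RETURN"
    done
    # MARK does not end traversal. A RETURN placed after this line would
    # run on a packet that already carries the mark, which is why it must
    # be the last port-80 rule in the chain.
    echo "-A PREROUTING -i $iface -s $lan -p tcp --dport 80 -j MARK --set-mark $mark"
    echo 'COMMIT'
}

# Usage, as root (iptables-restore replaces the whole mangle table;
# --test parses the ruleset without committing it):
#   gen_mangle eth0 192.0.2.0/24 9 65.52.0.0/14 207.46.0.0/16 206.190.32.0/19 \
#       | iptables-restore --test
```

After loading, `iptables -t mangle -L PREROUTING -n -v --line-numbers` shows the rule order and per-rule packet counters, which confirms whether the RETURN rules are being hit.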