Search squid archive

Bypassing squid for certain sites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am having issues with a few sites like megavideo, hotmail, etc and
looking to bypass them entirely via IPTables ... I have added some
rules to IPTables but I still see the traffic hitting the caches.  Any
ideas?

Strange thing is that when running an iptables --list it shows no
rules configured at all ..

Here is my iptables rules

/usr/local/sbin/iptables -t mangle -N DIVERT
/usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1
/usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT

#Bypass These subnets
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport
80 -d 65.54.186.0/24 -j RETURN
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport
80 -d 65.54.165.0/24 -j RETURN
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport
80 -d 72.32.79.195/24 -j RETURN
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport
80 -d 64.4.20.0/24 -j RETURN
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport
80 -d 69.5.88.0/24 -j RETURN

# Redirect to squid
/usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j
TPROXY --tproxy-mark 0x1/0x1 --on-port 3129

ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux