I am having issues with a few sites like megavideo, hotmail, etc and looking to bypass them entirely via IPTables ... I have added some rules to IPTables but I still see the traffic hitting the caches. Any ideas? Strange thing is that when running an iptables --list it shows no rules configured at all .. Here is my iptables rules /usr/local/sbin/iptables -t mangle -N DIVERT /usr/local/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1 /usr/local/sbin/iptables -t mangle -A DIVERT -j ACCEPT /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT #Bypass These subnets /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 80 -d 65.54.186.0/24 -j RETURN /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 80 -d 65.54.165.0/24 -j RETURN /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 80 -d 72.32.79.195/24 -j RETURN /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 80 -d 64.4.20.0/24 -j RETURN /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp -m tcp --dport 80 -d 69.5.88.0/24 -j RETURN # Redirect to squid /usr/local/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129 ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100
