On 27/03/2013 1:13 p.m., Ed W wrote:
Hi Andy, Sorry to bug you, but I finally got round to trying the
qos_flows feature and I think my understanding is completely back to
front?
What I need is to copy the packet/connection mark from the client
request, and apply it to the upstream request. So for example I mark
clients that have passed a captive portal test with some mark, I need
that mark copying up to requests coming from squid so that I know they
effectively come from a validated client
Uhm, sorry to ut in but I question why your Squid would relay requests
from non-validated clients?
On a portal you should have unlimited access to the portal splash content.
On a local stub server running in the portal DMZ or "error" splash pages
delivered by Squid itsef on a 511 status code are the best ways. Using
those methods ther DMZ firewall needs no pinholes to get to the splash
content.
Amos
