On Fri, 29 Apr 2005, jonathan wrote:
> I have two internet connections on the server and of course another one
> for th local network. I use meta-data marking (netfilter / fwmark) to
> route the packets to ISP1 or ISP2 according the destination port.
>
> It works very well if the proxy is inactive, but when I activate squid
> (with port redirection), packets are going to any output interface
> ignoring the packet marking rules.
This is because Squid is the origin of all packets then, and your
meta-data marking is most likely no longer active.
> But now I am "terrify" because I have just read in this mailing list
> that squid doesn't support the meta-data marking.
Correct. Not supported by the kernel.
> Is that right and why ? does anybody have used both successfully ? Is
> there another solution for my problem ?
You need to set up similar mark rules in your OUTPUT mangle chain.
Regards
Henrik
Received on Thu May 26 2005 - 07:11:43 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT