squid + fwmark problem

jonathan support-squid at bfinance.fr
Fri Apr 29 12:24:28 CEST 2005

I am running a squid transparent proxy on the same server than a
iptables firewall. 

I have two internet connections on the server and of course another one
for th local network. 
I use meta-data marking (netfilter / fwmark) to route the packets to
ISP1 or ISP2 according the destination port. 

It works very well if the proxy is inactive, but when I activate squid
(with port redirection), packets are going to any output interface
ignoring the packet marking rules. 

But now I am "terrify" because I have just read in this mailing list
that squid doesn't support the meta-data marking. 

Is that right and why ? does anybody have used both successfully ? Is
there another solution for my problem ? 

thanks a lot for helping a squid newbie...

PS: sorry for my poor english.

More information about the netfilter mailing list