gggg ggg wrote:
idejata mi haresa,ja dai primer kak da hvana koi
paketi sa na squida za da markiram i prenaso4a tiah
kam GW3 .dai primer s iptables.
g.
--- Evgeni Gechev <[EMAIL PROTECTED]> wrote:
gggg ggg wrote:
niamam kirilica na toja komp sorry.
GW1 e real IP ot dostav4ika.
GW2 - local mreja 192.168.250.0/24
GW3 - aDSL BTK 192.168.1.2
triabwa mi kogato iskam da polzvam DSL da sloja
proxy
(Squid) i to da me prekara prez GW3,a kogato ne
iskam
BTK da si mahna proxito i da varvia prez GW1,koito
e
default.
da razbira se s policy routing moga da hvana port
80
na 192.168.250.1 ,kadeto e squida, i da go pratia
na
GW3 sled kato go premaskiram/nat-na, no kato mahna
proxyto ot browsera - stava losho s tova policy r.
nadiavam se sega da rabirash kakuv mi e problema.
abe s dve dumi idejata e slednata :
proxy - BTK (GW3)
no-proxy - default GW1
georgi
Ìàðêèðàø ïàêåòèòå íà squid-à ñ iptables -m owner ...
Ïðàâèø rule çà òàêà ìàðêèðàíèòå èçõîäÿùè ïàêåòè, ñ
êîéòî ãè ïðàùàø íà
GW3, à âñè÷êî îñòàíàëî ñè ìèíàâà ïðåç GW1.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Ако squid-а е с натройките по подразбиране (user nobody):
iptables -t mangle -A OUTPUT -m owner --uid-owner nobody -j MARK
--set-mark 0x01
ip r a via GW3 t 253
ip ru a from tcp_outgoing_address_NA_SQUIDA fwmark 0x01 t 253
