tanx again.Ok, if I want to know connmark of packets and connection in squid
and then select them with an ACL inside of squid and then again mark them with
"tcp_outgoing_mark", is that possible??
In this page i don't see what you said!The ACL that be configured only match
with clients source
On 13/10/18 3:08 AM, Dieter Bloms wrote:
> Hello,
>
> we use the sslbump feature of squid, and it works very well.
> One of our http clients expect a CRL distribution point in the dynamic
> generated certificate.
> I've setup a http server, which delivers this crl list, but don't know
> how to
On 13/10/18 5:13 AM, morteza omidian wrote:
>
> Tank you, I see it now.
> It does not help me, I want to have an acl to select traffic (HTTP
> traffic that comes from client to squid) that have a specific packet
> mark and then send them out with another mark. like this:
> In
Tank you, I see it now.It does not help me, I want to have an acl to select
traffic (HTTP traffic that comes from client to squid) that have a specific
packet mark and then send them out with another mark. like this:In
iptables-mangle-PREROUTING:
iptables -t mangle -A PREROUTING -p tcp
On Friday 12 October 2018 at 16:41:44, morteza omidian wrote:
> HiI asked my question before.It seems that anybody can not answer it!!
Did you miss the response from Amos?
http://lists.squid-cache.org/pipermail/squid-users/2018-October/019389.html
> As you know, we can mark packets when they
HiI asked my question before.It seems that anybody can not answer it!!
As you know, we can mark packets when they go out of squid with
"tcp_outgoing_mark", this mark is based on Source IP or Source MAC of client,
but i want to mark them based on mark of input packet, something like this:
In
Hello,
we use the sslbump feature of squid, and it works very well.
One of our http clients expect a CRL distribution point in the dynamic
generated certificate.
I've setup a http server, which delivers this crl list, but don't know
how to configure squid to set this distribution point in every