The iptables packet mark (mark/fwmark) is to my knowledge not available to TCP/IP applications like Squid, only to packet related code within the kernel such as iptables, routing etc..
What you can do is to set use multiple http_port directives in Squid, and have iptables send the traffic to different Squid ports depending on the criterias. You can then differentiate the traffic by the "myport" acl. May collide with transparent proxying however as Squid-2.5 and earlier does not differentiate between "myport" and "intended destination port" for transparently proxied requests.. Regards Henrik m�n 2003-02-24 klockan 11.44 skrev JSF: > Hi folks, > > I'm using iptables to mark incomming packages at the mangle table, depending > on the service I would like to offer to the users. My problem is that I'm > using squid for web proxy traffic, and I would like to create acl rules for > allowing determinate web pages access depending on the user packages mark. > Does anybody know how to do it? > > That's all, thanks a million. > > Jorge S.F. -- Henrik Nordstrom <[EMAIL PROTECTED]> MARA Systems AB, Sweden
