On Mon, 2003-09-22 at 07:22, boka wrote: > Hi ! > > - required options to iptables: > PREROUTING -s 10.10.32.61 -i eth0 -p tcp -m tcp --dport 80 -j MARK > --set-mark 0x2 > - table to rt_tables: > echo 202 www.out >> /etc/iproute2/rt_tables > - ip rule command: > ip rule add fwmark 2 table www.out > - ip route command (squid machine is in a different network than router) > ip route add default via 10.10.21.2 via 10.10.20.1 dev eth0 table www.out
This looks suspect - two via' statements? Secondly, if squid is not on the LAN attached to this router, you will need to perform similar ip route commands on the next router, otherwise it will route the traffic out via it's default route, (remember the destiation address is still for the internet, not for the squid address). Rob -- GPG key available at: <http://members.aardvark.net.au/lifeless/keys.txt>.
signature.asc
Description: This is a digitally signed message part
