hi,
I have a similar setup, but I load balance my proxy,
2 ways I would try with iproute2 off the top of my head
1)
ip rule add from x.x.x.x table out1
ip route add default dev eth1 table out1
where x.x.x.x is the ip of your transparent ip
2) I would do what you did with port 80, just the other way around:
have a default route of eth1 and have an
"iptables -t mangle -A PREROUTING ! -p tcp --dport 80 -j MARK etc"
rule where you mark everything except port 80
through eth0 (check the NOT in the iptables command)
hope this helps
Sew
On 2/8/06, Nataniel Klug <nata@cnett.com.br> wrote:
>
> Hello all,
>
> After much time reading a lot of stuff I am quite confident using LARTC
> to route my traffic. I am still working on QoS (by package type and so on)
> but it will stay in my studying class for a long time... ;)
>
> So let's go to my question... I mounted a router that makes my connections
> through 2 external interfaces.
>
> It's working fine and my default gateway for the entire network behind it
> (NATed) is the link at interface eth0.
>
> All traffic going to port 80 is marked as 0x1 and I route it to a table
> that makes its default route through link2 (eth3).
>
> My problem begins when I try to use transparent proxy (squid) with this
> rule:
>
> iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
>
> If I make this rule my routing tables begin to scramble all my traffic
> and make it ALL go through only 1 link (eth0). Is there any way to use
> transparent squid with multiple routing tables and marking packages?
>
> PS.: What is this error "Icmp checksum is wrong"?
>
> Att,
>
> Nataniel Klug
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
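
Added example, not part of the original thread: a simplified Python model of the routing lookup, showing that a fwmark set in mangle PREROUTING never applies to requests the proxy itself originates, and how a source-address rule like option 1 above picks their link. It assumes the proxy's outgoing connections carry a fixed source address; that address, the client address and the table name "web" are constructed.

```python
# Simplified model of Linux policy routing (RPDB) for the setup in this thread.
# Interface names are the thread's; addresses and table "web" are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

PROXY_IP = "192.0.2.10"          # assumption: source address the proxy uses

@dataclass
class Packet:
    src: str
    dport: int
    local: bool = False          # True = generated on the router itself
    mark: int = 0

@dataclass
class Rule:                      # one "ip rule" entry
    table: str
    src: Optional[str] = None    # "from" selector
    fwmark: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        if self.src and ip_address(p.src) not in ip_network(self.src):
            return False
        return self.fwmark is None or self.fwmark == p.mark

def mangle_prerouting(p: Packet) -> Packet:
    # Forwarded port-80 traffic gets mark 0x1, as in the quoted setup.
    # Locally generated packets never traverse PREROUTING, so stay unmarked.
    if not p.local and p.dport == 80:
        p.mark = 0x1
    return p

def egress(p: Packet, rules: list, tables: dict) -> str:
    p = mangle_prerouting(p)
    for r in rules:              # rules are tried in priority order
        if r.matches(p) and r.table in tables:
            return tables[r.table]   # the table's default route device
    raise LookupError("no route")

TABLES = {"main": "eth0", "web": "eth3", "out1": "eth1"}
MARK_ONLY = [Rule("web", fwmark=0x1), Rule("main")]
WITH_SRC_RULE = [Rule("out1", src=PROXY_IP)] + MARK_ONLY

if __name__ == "__main__":
    for name, rules in (("mark only", MARK_ONLY), ("with from-rule", WITH_SRC_RULE)):
        direct = egress(Packet("192.168.0.25", 80), rules, TABLES)
        proxied = egress(Packet(PROXY_IP, 80, local=True), rules, TABLES)
        print(f"{name}: forwarded client -> {direct}, proxy request -> {proxied}")
```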