> iptables -A PREROUTING -t nat -i eth1 ... -j REDIRECT --to-port 3128
> iptables -A PREROUTING -t mangle -i eth1..... -j mark 1
I don't think that will do what you want. The first iptables command will
A(dd) an entry to the nat table. Your second command adds an entry to the
mangle table. So even though one command immediately follows the other in
your script, packets won't see them that way. Do this to see the order of
tests in your tables:
iptables -L -v -n -t nat
iptables -L -v -n -t mangle
I have never been clear about the exact order of tables/chains packets see
so I don't know which table they will traverse first.
- Greg
-----Original Message-----
From: Arindam Haldar [mailto:ahiam@yahoo.com]
Sent: Friday, December 28, 2001 2:29 AM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] PREROUTING doubts !!
hi all,
i want 2 know if the following is correct
iptables -A PREROUTING -t nat -i eth1 ... -j REDIRECT --to-port 3128
iptables -A PREROUTING -t mangle -i eth1..... -j mark 1
the intention is to send http pkts first to transparent squid else use
routing based on cost & bandwidth !
will be very thankful to u 4 clearing this doubt
arindam haldar
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
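
Added example, not part of the thread: a small shell/awk sketch that sorts iptables commands into the order a packet meets them at PREROUTING, using netfilter's hook priorities (raw -300, mangle -150, nat DNAT/REDIRECT -100). The helper name prerouting_order is hypothetical, and the sample input is the two commands from the question as posted.

```shell
#!/bin/sh
# Added example: list PREROUTING rules in the order a packet meets them.
# Netfilter runs the tables hooked at PREROUTING by priority, lowest first:
#   raw (-300), then mangle (-150), then nat DNAT/REDIRECT (-100).
# Within one table, rules keep the order in which they were appended.

# Constructed input: the two commands exactly as posted in the question.
SAMPLE='iptables -A PREROUTING -t nat -i eth1 ... -j REDIRECT --to-port 3128
iptables -A PREROUTING -t mangle -i eth1..... -j mark 1'

# prerouting_order (hypothetical helper): reads iptables commands on stdin,
# prints "<table> <target>" per PREROUTING rule, sorted by traversal order.
prerouting_order() {
    awk '
    BEGIN { prio["raw"] = -300; prio["mangle"] = -150; prio["nat"] = -100 }
    $1 == "iptables" {
        table = "filter"; chain = ""; target = ""   # iptables defaults to filter
        for (i = 2; i < NF; i++) {
            if ($i == "-t") table = $(i + 1)
            else if ($i == "-A") chain = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        # filter has no PREROUTING chain, so it is not in prio and is skipped
        if (chain != "PREROUTING" || !(table in prio)) next
        n++; key[n] = prio[table]; out[n] = table " " target
    }
    END {
        # stable insertion sort on priority
        for (i = 2; i <= n; i++) {
            k = key[i]; o = out[i]
            for (j = i - 1; j >= 1 && key[j] > k; j--) {
                key[j + 1] = key[j]; out[j + 1] = out[j]
            }
            key[j + 1] = k; out[j + 1] = o
        }
        for (i = 1; i <= n; i++) print out[i]
    }'
}

printf '%s\n' "$SAMPLE" | prerouting_order
```

For the two posted commands the mangle rule is listed first, so it matches the packet before REDIRECT rewrites the destination port.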