tcp_outgoing_mark via runtime lookup

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

tcp_outgoing_mark via runtime lookup

Dirk Vleugels
Hello,

we’re looking for a way to set tcp_outgoing_mark based on runtime information - e.g. via external_acl_helper.

Currently, we use a static mapping (requests coming in via personalized IPSec tunnel):

acl ten_zero   src 10.0.0.0/16

tcp_outgoing_mark 0x0a ten_zero

to route outgoing traffic to the destination tunnel. In the future we’ll have to obtain the „configured“ source-ip for a customer from a 3rd party service (rest interface most likely).

Is this feasible at all?

Regards,
Dirk

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: tcp_outgoing_mark via runtime lookup

Alex Rousskov
On 07/10/2017 06:58 AM, Dirk Vleugels wrote:

> we’re looking for a way to set tcp_outgoing_mark based on runtime information - e.g. via external_acl_helper.

> Is this feasible at all?
Sure. Use an "external" ACL type to annotate the transaction, and use
transaction annotation(s) to select the right tcp_outgoing_mark via a
"note" ACL.

Alex.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Loading...