Squid configuration directive mark_client_connection
This directive is not available in the v4 version of Squid.
This directive is not available in the 3.5 version of Squid.
For older versions than 3.5 see the linked pages above
Configuration Details:
Option Name: | mark_client_connection |
---|---|
Replaces: | |
Requires: | Packet MARK (Linux) |
Default Value: | none |
Suggested Config: |
|
Allows you to apply a Netfilter CONNMARK value to a connection on the client-side, based on an ACL. mark_client_connection mark-value[/mask] [!]aclname ... The mark-value and mask are unsigned integers (hex, octal, or decimal). The mask may be used to preserve marking previously set by other agents (e.g., iptables). A matching rule replaces the CONNMARK value. If a mask is also specified, then the masked bits of the original value are zeroed, and the configured mark-value is ORed with that adjusted value. For example, applying a mark-value 0xAB/0xF to 0x5F CONNMARK, results in a 0xFB marking (rather than a 0xAB or 0x5B). This directive semantics is similar to iptables --set-mark rather than --set-xmark functionality. The directive does not interfere with qos_flows (which uses packet MARKs, not CONNMARKs). Example where squid marks intercepted FTP connections: acl proto_ftp proto FTP mark_client_connection 0x200/0xff00 proto_ftp This clause only supports fast acl types. See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details. |
|
Introduction
- About Squid
- Why Squid?
- Squid Developers
- How to Donate
- How to Help Out
- Getting Squid
- Squid Source Packages
- Squid Deployment Case-Studies
- Squid Software Foundation
Documentation
- Configuration:
- FAQ and Wiki
- Guide Books:
- Non-English
- More...
Support
- Security Advisories
- Bugzilla Database
- Mailing lists
- Contacting us
- Commercial services
- Project Sponsors
- Squid-based products
Miscellaneous
- Developer Resources
- Related Writings
- Related Software:
- Squid Artwork