Squid 配置指令 mark_client_connection

可用版本:   v6   v5  

此指令在 Squid 的 v8 版本中不可用。

对于 v5 之前的旧版本,请参阅以上链接页面。

配置详情

选项名称mark_client_connection
替代
要求--with-cap 和 Packet MARK (Linux)
默认值none
建议配置 

      		
    

    

      

	Allows you to apply a Netfilter CONNMARK value to a connection
	on the client-side, based on an ACL.

	mark_client_connection mark-value[/mask] [!]aclname ...

	The mark-value and mask are unsigned integers (hex, octal, or decimal).
	The mask may be used to preserve marking previously set by other agents
	(e.g., iptables).

	A matching rule replaces the CONNMARK value. If a mask is also
	specified, then the masked bits of the original value are zeroed, and
	the configured mark-value is ORed with that adjusted value.
	For example, applying a mark-value 0xAB/0xF to 0x5F CONNMARK, results
	in a 0xFB marking (rather than a 0xAB or 0x5B).

	This directive semantics is similar to iptables --set-mark rather than
	--set-xmark functionality.

	The directive does not interfere with qos_flows (which uses packet MARKs,
	not CONNMARKs).

	Example where squid marks intercepted FTP connections:

	acl proto_ftp proto FTP
	mark_client_connection 0x200/0xff00 proto_ftp

	This clause only supports fast acl types.
	See https://wiki.squid.org.cn/SquidFaq/SquidAcl for details.



      		
    

    
 

  



返回

    	
 
	

		
 

		
简介

		
		
文档

		
		
支持

		
		
杂项