Squid 3.2.5 – tcp_outgoing_mark ignored for tunnelled CONNECT requests

squid-cacheLast month, I decided to apply a network policy in order to point the web traffic on differents links based on the domain url.After compiling the last version of Squid (3.2.5), I made my dstdomain ACLs and tested some sites. Great ! it works… until I check https browsing.

It seems there is missing code in tunnel.cc to handle the tcp_outgoing_mark directive in tunneling context. I opened the bug 3723 on bugs.squid-cache.org, but after a while, I took some time to manage this myself.

You will find a patch below which corrects this issue:

root@host:/usr/src/squid/squid-3.2.5/src# patch < tunnel.cc_3.2.5.patch

bugs.squid-cache.org
[wpdm_file id=11 title=”true” ]

Leave a Reply

Your email address will not be published. Required fields are marked *