I'm using Squid now, and I run 4 Squid instances for load balancing. I'm trying to change my iptables rules.
These are my current rules:
iptables -t nat -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 4 --packet 0 -j REDIRECT --to-port 4001
iptables -t nat -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 3 --packet 0 -j REDIRECT --to-port 4002
iptables -t nat -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 2 --packet 0 -j REDIRECT --to-port 4003
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 4004
And I am trying to change them to use TPROXY, like below:
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 4 --packet 0 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 4001
iptables -t mangle -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 3 --packet 0 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 4002
iptables -t mangle -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 2 --packet 0 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 4003
iptables -t mangle -A PREROUTING -p tcp --dport 443 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 4004
When I run with the new iptables rules, only port 4004 is working.
What's wrong with my rules?
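
Added example (not part of the original post): a small model of the per-rule counters behind the "-m statistic --mode nth" cascade used in both rule sets above, showing how NEW connections that reach those rules are split across ports 4001-4004. It models only the statistic match, not TPROXY, the socket match or policy routing, and it assumes a rule's counter advances only for packets that actually reach that match; the class and function names are illustrative.

```python
from collections import Counter
from fractions import Fraction

# (every, port) for the three nth rules in the post, in rule order; all use --packet 0.
NTH_RULES = [(4, 4001), (3, 4002), (2, 4003)]
FALLBACK_PORT = 4004  # the final rule carries no statistic match


class NthRule:
    """One '-m statistic --mode nth --every N --packet P' match with its own counter."""

    def __init__(self, every, port, packet=0):
        if not 0 <= packet < every:
            raise ValueError("--packet must be between 0 and every-1")
        self.every, self.packet, self.port = every, packet, port
        self.seen = 0  # packets this match has evaluated so far

    def matches(self):
        hit = self.seen % self.every == self.packet
        self.seen += 1
        return hit


def assign_ports(n_new, rules=NTH_RULES, fallback=FALLBACK_PORT):
    """Walk n_new connections through the chain; the first matching rule wins."""
    chain = [NthRule(every, port) for every, port in rules]
    ports = []
    for _ in range(n_new):
        for rule in chain:
            if rule.matches():  # terminating target: later rules never see this packet
                ports.append(rule.port)
                break
        else:
            ports.append(fallback)
    return ports


def expected_shares(rules=NTH_RULES, fallback=FALLBACK_PORT):
    """Long-run share per port: each rule takes 1/every of what earlier rules left."""
    remaining, shares = Fraction(1), {}
    for every, port in rules:
        shares[port] = remaining / every
        remaining -= shares[port]
    shares[fallback] = remaining
    return shares


if __name__ == "__main__":
    print(assign_ports(8))
    print(expected_shares())
    # Same chain with --every 4 on all three rules: the split is no longer even.
    print(Counter(assign_ports(64, rules=[(4, 4001), (4, 4002), (4, 4003)])))
```

The decreasing 4, 3, 2 sequence is what makes the split even: each rule sees only the connections the earlier rules passed over.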