OK, I can confirm that the SNAT patch provided seems to work for me. I have more questions on tproxy 4.1.0 and FWMARK:
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY \
  --tproxy-mark 0x1/0x1 --on-port 3128
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
If I have to do split access on outgoing traffic into multiple interfaces, I would already have used FWMARK in one way or another. For example, for split outgoing access, I would have already marked traffic going out to eth0 with FWMARK 5, and traffic going out to eth1 with FWMARK 7. And I would already have these rules:
ip rule add fwmark 5 lookup 120
ip rule add fwmark 7 lookup 130
(And table 120 will default route to the gateway belonging to interface 1, and table 130 will default route to the gateway belonging to interface 2.)
So how could I incorporate the tproxy mark into my existing use of FWMARK?
Regards.