--- squid-2.6.org/src/comm.c	2008-01-04 09:51:59.000000000 +0800
+++ squid-2.6.new/src/comm.c	2008-01-04 09:56:12.000000000 +0800
@@ -162,7 +162,7 @@
     int flags,
     const char *note)
 {
-    return comm_openex(sock_type, proto, addr, port, flags, 0, note);
+    return comm_openex(sock_type, proto, addr, port, flags, 0, note, 0);
 }
 
 
@@ -175,7 +175,7 @@
     u_short port,
     int flags,
     unsigned char TOS,
-    const char *note)
+    const char *note, struct in_addr* tproxy)
 {
     int new_socket;
     int tos = 0;
@@ -209,6 +209,18 @@
 	debug(5, 0) ("comm_open: setsockopt(IP_TOS) not supported on this platform\n");
 #endif
     }
+#if LINUX_TPROXY
+    {
+        #define IP_TRANSPARENT 19
+        int x=1;
+        if (setsockopt(new_socket, SOL_IP, IP_TRANSPARENT, &x, sizeof(x)) == -1) {
+               debug(20, 1) ("tproxy ip ,port  ERROR ASSIGN\n");
+        } else if (tproxy){
+               addr.s_addr = tproxy->s_addr;
+               port=0;
+        }
+    }
+#endif
     /* update fdstat */
     debug(5, 5) ("comm_open: FD %d is a new socket\n", new_socket);
     fd_open(new_socket, FD_SOCKET, note);
--- squid-2.6.org/src/forward.c	2007-09-06 05:28:34.000000000 +0800
+++ squid-2.6.new/src/forward.c	2008-01-04 10:01:37.000000000 +0800
@@ -40,7 +40,7 @@
 #include <linux/netfilter_ipv4.h>
 #endif
 #if LINUX_TPROXY
-#include <linux/netfilter_ipv4/ip_tproxy.h>
+/*#include <linux/netfilter_ipv4/ip_tproxy.h>*/
 #endif
 
 static PSC fwdStartComplete;
@@ -463,7 +463,7 @@
     struct in_addr outgoing;
     unsigned short tos;
 #if LINUX_TPROXY
-    struct in_tproxy itp;
+    /*struct in_tproxy itp; */
 #endif
 
     assert(fs);
@@ -556,7 +556,7 @@
 	0,
 	COMM_NONBLOCKING,
 	tos,
-	url);
+	url, ( fwdState->request->flags.tproxy ? &fwdState->src.sin_addr: 0)  );
     if (fd < 0) {
 	debug(50, 4) ("fwdConnectStart: %s\n", xstrerror());
 	err = errorCon(ERR_SOCKET_FAILURE, HTTP_INTERNAL_SERVER_ERROR, fwdState->request);
@@ -587,7 +587,7 @@
     if (fs->peer) {
 	hierarchyNote(&fwdState->request->hier, fs->code, fs->peer->name);
     } else {
-#if LINUX_TPROXY
+#if 0
 	if (fwdState->request->flags.tproxy) {
 
 	    itp.v.addr.faddr.s_addr = fwdState->src.sin_addr.s_addr;
--- squid-2.6.org/src/protos.h	2008-01-04 10:05:00.000000000 +0800
+++ squid-2.6.new/src/protos.h	2008-01-04 10:05:13.000000000 +0800
@@ -160,7 +160,7 @@
 extern void comm_init(void);
 extern int comm_listen(int sock);
 extern int comm_open(int, int, struct in_addr, u_short port, int, const char *note);
-extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, const char *);
+extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, const char *, struct in_addr* );
 extern u_short comm_local_port(int fd);
 
 extern void commDeferFD(int fd);
--- squid-2.6.org/src/ssl.c	2008-01-04 10:06:47.000000000 +0800
+++ squid-2.6.new/src/ssl.c	2008-01-04 10:06:53.000000000 +0800
@@ -524,7 +524,7 @@
 	0,
 	COMM_NONBLOCKING,
 	getOutgoingTOS(request),
-	url);
+	url, 0);
     if (sock == COMM_ERROR) {
 	debug(26, 4) ("sslStart: Failed because we're out of sockets.\n");
 	err = errorCon(ERR_SOCKET_FAILURE, HTTP_INTERNAL_SERVER_ERROR, request);
diff -Nru squid-2.6.old/src/tools.c squid-2.6.new/src/tools.c
--- a/src/tools.c	2008-02-20 15:17:51 -0700
+++ b/src/tools.c	2008-02-20 15:18:02 -0700
@@ -47,7 +47,7 @@
 #define _LINUX_TYPES_H
 #define _LINUX_FS_H
 typedef uint32_t __u32;
-#include <sys/capability.h>
+#include <linux/capability.h>
 #endif
 #endif