Hi, I'm running tproxy with the squid server in different box, my topology look like this: [Client]-------[Squid]---[tproxy/FW]----[Web server] 192.168.1.3 192.168.1.2 192.168.1.1 192.168.2.2 192.168.2.1 [squid] - tproxy patched kernel and iptables-1.3.6 [tproxy/FW]: iptables -t tproxy -A PREROUTING -i eth0 -s ! 192.168.1.2 -m tcp -p tcp --dport 80 -j TPROXY --on-port 3128 --on-ip 192.168.1.2 with the config above, my squid not running well. I read on "Transparent Proxy with Linux and Squid mini-HOWTO" there are some rules I've to configure which is; iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128 iptables -t nat -A POSTROUTING -o eth0 -s local-network -d squid-box -j SNAT --to iptables-box iptables -A FORWARD -s local-network -d squid-box -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT the problem is some of those rule are not compatible with tproxy table, is there any guide on how to convert it to tproxy rules? any help would be greatly appreciated. regards, Zul __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com