Hello my friends, I have a new question about TPROXY. I have not put the tproxy+squid cache into work yet becouse I have this question. Lets talk about my layout plan: [router]0<<>>0[linux.qos]1<<>>0[linux.tproxy.cache]1<<>>X[clients] So, about ip and routes: [router]0 IP: 200.xxx.208.1 Netmask: 255.255.255.252 route add -net 200.xxx.208.4/32 gw 200.xxx.208.2 0[linux.qos] IP: 200.xxx.208.2 Netmask: 255.255.255.252 GW: 200.xxx.208.1 [linux.qos]1 IP: 172.16.0.1 Netmask: 255.255.255.252 route add -net 200.xxx.208.4/32 gw 172.16.0.2 0[linux.tproxy.cache] IP: 172.16.0.2 Netmask: 255.255.255.252 GW: 172.16.0.1 [linux.tproxy.cache]1 IP: 200.xxx.208.5 Netmask: 255.255.255.252 X[clients] IP: 200.xxx.208.6 Netmask: 255.255.255.252 GW: 200.xxx.208.5 Using this layout I can provide full access to the client listed. If I use an iptables rule and squid in transparent mode (not tproxy) it is cached normal. My question is: Using tproxy is that necessary that my cache server has an ip that can be reached from the outside world or can it be only made a masquerade into server QOS? -- Att, NATANIEL KLUG nata@cnett.com.br LEIA O DIA-A-DIA DO NATA http://nataklug.blogspot.com/ Cyber Nett - Internet Banda Larga www.cnett.com.br (42) 3635-2957 Rua Diogo Pinto, 1046, Centro Laranjeiras do Sul - PR Brasil - 85301-290 "... também os sábios possuem coração tangível e podem, por vezes, usar da ciência como meio de demonstrar impressões sentimentais de que muitos não os julgam suscetíveis." Visconde de Taunay