Hi, The first version from the development branch (1.1) of tproxy has been released. This version has substantially reworked connection tracking entry deletion, and comes with an experimental patch to the Netfilter NAT and connection tracking code to make reusing of addresses used by TIME_WAIT connections possible. The contents of the patch_tree subdirectory: * 01-tproxy-1.1.1.diff - the transparent proxying patch, you should apply at least this one. * 02-nat_conntrack_delete.diff - experimental patch for Netfilter NAT, use if you get a lot of "error applying NAT mapping" errors, and please report experiences to the mailing list. The userspace-kernel interface is unchanged, so it is compatible with the stable versions. The patch is for Linux 2.4.22, and because of submitted changes in Netfilter NAT and conntrack code, may not work with later kernels. Although it has passed basic tests and appears to be working, it is still experimental, so use with care. Testing on heavily loaded and/or SMP boxes would be appreciated, just send bugreports to the tproxy mailing list. (We are interested in all kinds of problems, not just oopses: strange looking error/warning messages in your kernel logs, etc.) The package is available from http://www.balabit.com/downloads/tproxy/linux-2.4/devel/ MD5 checksum of cttproxy-2.4.22-1.1.1.tar.gz: 5b2c505df3a32c7b30ec64193b6bbd72 -- Regards, Krisztian KOVACS