hello, i'm korean so im sorry my english text written my environment is the latest Centos and network doing bridge. my option is already setted by using information on internet my problem is that squid 2.7 setting "--enable-linux-tproxy" causes below warning.. --------------------------------------- --------------------------------------- checking if Linux (Netfilter) kernel header files are installed... no WARNING: Cannot find necessary Linux kernel (Netfilter) header files Linux Transparent Proxy support WILL NOT be enabled checking if TPROXY header files are installed... no --------------------------------------- --------------------------------------- my wordering is that although tproxy is intergrated with latest kernel source, there is not ip_tproxy.h i have known that ip_tproxy.h was provided from obsolete kernel source patch in "balabit.com" but why do squid2.7 need ip_tproxy.h? so, i downloaded ip_tproxy.h and compiled squid2.7 by using the ip_tproxy.h and i setted option "http_port 3128 tproxy" in squid.conf. after compiling and setting, the squid is running but the tproxy doesn't work. i setted iptables rules following below --------------------------------------------------------------------- ---------- setsebool squid_connect_any=1** setsebool squid_use_tproxy=1 iptables -t mangle -N DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128 --------------------------------------------------------------------- ---------- i must use tproxy in squid 2.7 environment. could you help me? please..