Can't receive any client packet in the tproxy server
Hello everyone and Balazs Scheidler,

I have one problem. I recently made up the testbed like below to run the tproxy patched apache proxy, so I applied all iptables and routing rules after reading the readme file [http://www.balabit.com/downloads/files/tproxy/README.txt], but when the client tried to connect to the web server, the packets reached the box but my tproxy server could not receive any corresponding packet from clients.

I want to know why my proxy server can't receive any packet. Do I need some DNAT rules?

testbed:

[client ] <---------> [tproxy patched apache mod_proxy] <--------> [web server]
                      ---------------------------
                               proxybox

[proxybox]
1. OS: linux 2.6.31.6 vanilla kernel
2. iptables: 1.4.5, no tproxy patched
3. proxy: tproxy patched [ please refer to the httpd-2.2.9-tproxy.patch ] APACHE 2.2.9
4. iptables and routing rules

iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 3128 --tproxy-mark 0x1/0x1
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-xmark 0x1/0xffffffff
iptables -t mangle -A DIVERT -j ACCEPT

On Thursday 19 November 2009 02:45:38 박제호 wrote:
> iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 3128 --tproxy-mark 0x1/0x1

Hi,

Is Apache listening on port 3128? Your rule above requires that the proxy server is listening on port 3128.

Best regards,
Nuno Fernandes
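
The check raised in the reply, plus the mark and routing-table pairing from the posted rules, as an added example that is not part of the original thread. It reads the commands quoted in the post and a constructed /proc/net/tcp excerpt; the function names and the sample socket table are assumptions.

```python
import shlex

# Constructed input: the TPROXY and policy-routing commands quoted in the post.
RULES = """\
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 3128 --tproxy-mark 0x1/0x1
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
"""

# Constructed /proc/net/tcp excerpt: a single LISTEN socket (st 0A) on port 80 (0x0050).
PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345
"""

def listening_ports(proc_text):
    """TCP ports in LISTEN state, parsed from /proc/net/tcp or /proc/net/tcp6 text."""
    ports = set()
    for line in proc_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) > 3 and fields[3] == "0A":    # 0A is the LISTEN state
            ports.add(int(fields[1].rsplit(":", 1)[1], 16))
    return ports

def arg(argv, name):
    """Word that follows `name` on the command line."""
    return argv[argv.index(name) + 1]

def check(rules, proc_text):
    """Mismatches between TPROXY rules, policy routing and listeners (packet mark assumed 0 on entry)."""
    tproxy, fw_to_table, local_tables = [], {}, set()
    for line in rules.splitlines():
        argv = shlex.split(line)
        if "TPROXY" in argv:
            mark = int(arg(argv, "--tproxy-mark").split("/")[0], 0)
            tproxy.append((int(arg(argv, "--on-port")), mark))
        elif argv[:3] == ["ip", "rule", "add"]:
            fw_to_table[int(arg(argv, "fwmark").split("/")[0], 0)] = arg(argv, "lookup")
        elif argv[:4] == ["ip", "route", "add", "local"]:
            local_tables.add(arg(argv, "table"))
    listening, problems = listening_ports(proc_text), []
    for port, mark in tproxy:
        if port not in listening:
            problems.append(f"no listener on --on-port {port}")
        if mark not in fw_to_table:
            problems.append(f"no 'ip rule' for fwmark {mark:#x}")
        elif fw_to_table[mark] not in local_tables:
            problems.append(f"table {fw_to_table[mark]} has no local route")
    return problems
```

On the proxy box, pass the real contents of /proc/net/tcp and /proc/net/tcp6 instead of the constructed excerpt. A listener on the port is necessary but this check cannot show whether that socket was opened with the IP_TRANSPARENT option.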