tproxy setup resulting in martian logging
Hi,

I've got a 2.4.26 kernel with grsec + openswan + tproxy support. I want to redirect specific destinations to a proxy on the local machine. An example: redirect all traffic to port 12345 to the proxy on 127.0.0.1:12345.

The iptables rule:

    iptables -t tproxy -A PREROUTING -p tcp -d 0.0.0.0/0 --dport 12345 -j TPROXY --on-port 12345 --on-ip 127.0.0.1

Doing a telnet to some IP on port 12345 results in:

    Aug 2 21:43:28 fw kernel: martian destination 127.0.0.1 from 10.1.1.52, dev eth1

where 10.1.1.52 is the machine initiating the telnet, and 10.1.1.1 is the machine where the packet enters the IP stack on eth1.

The relevant function in this case seems to be ip_route_input_slow() in net/ipv4/route.c. The behaviour is logical, but prevents tproxy support from working in this case.

Any suggestions?

Regards,
Igmar
Igmar Palsenberg
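
The log line in the message above can be reproduced with a small userspace model of the address sanity checks applied to a packet arriving on a non-loopback device. This is an added example, not kernel code and not part of the original post; the function and enum names are hypothetical, and the order of the checks is an assumption based on the 2.4-era input route path.

```c
#include <stdint.h>
#include <stdio.h>
#include <arpa/inet.h>

/* Address-class tests on host-byte-order IPv4 addresses. */
static int is_loopback(uint32_t a)  { return (a & 0xff000000u) == 0x7f000000u; } /* 127/8 */
static int is_multicast(uint32_t a) { return (a & 0xf0000000u) == 0xe0000000u; } /* 224/4 */
static int is_badclass(uint32_t a)  { return (a & 0xf0000000u) == 0xf0000000u; } /* 240/4 */
static int is_zeronet(uint32_t a)   { return (a & 0xff000000u) == 0x00000000u; } /* 0/8   */

enum verdict { ROUTE_OK, MARTIAN_SOURCE, MARTIAN_DESTINATION,
               BROADCAST_INPUT, PARSE_ERROR };

/* Simplified model (assumption): classify a packet received on a
 * non-loopback interface by its source and destination address only. */
enum verdict classify(const char *src, const char *dst)
{
    struct in_addr s, d;
    if (inet_pton(AF_INET, src, &s) != 1 || inet_pton(AF_INET, dst, &d) != 1)
        return PARSE_ERROR;
    uint32_t sa = ntohl(s.s_addr), da = ntohl(d.s_addr);

    /* A packet from the wire must not claim one of these sources. */
    if (is_multicast(sa) || is_badclass(sa) || is_loopback(sa))
        return MARTIAN_SOURCE;
    /* Limited broadcast and 0.0.0.0 -> 0.0.0.0 are handled separately. */
    if (da == 0xffffffffu || (sa == 0 && da == 0))
        return BROADCAST_INPUT;
    if (is_zeronet(sa))
        return MARTIAN_SOURCE;
    /* A loopback destination on a non-loopback device is a martian.
     * This is the case hit once the destination is rewritten to 127.0.0.1. */
    if (is_badclass(da) || is_zeronet(da) || is_loopback(da))
        return MARTIAN_DESTINATION;
    return ROUTE_OK;
}

int main(void)
{
    static const char *names[] = { "ok", "martian source",
        "martian destination", "broadcast input", "parse error" };
    /* Constructed cases: the redirected packet from the post, then the
     * same client addressing the firewall's own eth1 address. */
    printf("10.1.1.52 -> 127.0.0.1: %s\n", names[classify("10.1.1.52", "127.0.0.1")]);
    printf("10.1.1.52 -> 10.1.1.1:  %s\n", names[classify("10.1.1.52", "10.1.1.1")]);
    return 0;
}
```
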