1) for redirections to work you need to enable IP forwarding in your kernel (even if you have a deny in your forward CHAIN) Yes. IP forwarding is enabled. The current kernel working perfectly with the older versions of Zorp. 2) can you send me the syslog generated by zorp? Dec 20 11:15:10 erasmus zorp-http[4693]: Verbosity level: 4 Dec 20 11:15:10 erasmus zorp-http[4693]: zorp version 0.7.7 starting up Dec 20 11:15:45 erasmus zorp-http[4693]: (zorp/plug_trans:0/plug): session_start, module=plug Dec 20 11:15:45 erasmus zorp-http[4693]: (zorp/plug_trans:0/plug): client_fd=10, client_addr=AF_INET(192.168.2.2:1576) Dec 20 11:15:46 erasmus zorp-http[4696]: (zorp/plug_trans:0/plug): server_fd=11, server_addr=AF_INET(193.224.167.248:25) ^^^^^^^^^this is normal?
zorp-http is the name of your instance, so if your instances.conf has an entry starting with zorp-http (as name), your instance will be named as zorp-http, thus it'll be used for logging. The currently used proxy module is shown by the session_id: (zorp/plug_trans:0/plug) ^^^^ - firewall name ^^^^^^^^^^ - service ^ service instance number ^^^^ used proxy module What is the server address you are trying to address? I presume 193.224.167.248:25. It should work, and it does work for me. Can you check with tcpdump if anything is received by Zorp? -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt