hi, i have a problem with susefirewall2, i can make ping to google from internal network, but i cant open any site from firefox i have a squid server but i can't establish connection between proxy and firewall....the proxy runs and the susefirewall then, but in my lan don't connect for proxy squid.... this are my lines....agane: /* SuSEfirewall2 configuration file */ FW_DEV_EXT="eth-id-00:11:25:65:19:a8" #eth0 FW_DEV_INT="eth-id-00:11:95:e1:d0:a2" #eth1 # FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.0.0/24" FW_FORWARD="172.19.1.101/16,192.168.0.1,tcp,80" FW_MASQ_DEV="$FW_DEV_EXT" # FW_SERVICES_ACCEPT_EXT="" # FW_SERVICES_EXT_TCP="22" #FW_SERVICES_EXT_IP="" # FW_SERVICES_INT_TCP="3128 80" #FW_SERVICES_INT_IP="" # FW_PROTECT_FROM_INT="yes" # #FW_ALLOW_PING_INT="yes" # FW_REDIRECT="192.168.0.1/24,0/0,tcp,80,3128" /* end SuSEfirewall2 configuration file */ and this is my squid server configuration: /* squid configuration files */ GNU nano 1.3.8 Fichero: /etc/squid/squid.conf http_port 3128 cache_dir ufs /usr/local/squid/cache 700 16 256 # # Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 192.168.0.1/255.255.255.255 acl red-lan src 192.168.0.0/255.255.255.0 # visible_hostname localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # http_access allow localhost http_access allow red-lan #http_access deny all /* end squid configuration files */ I will be waiting for suggestions !..... thanks ! Atte. <<_waltico_>> Walter Pabon Guerra "Don't worry, Be Linux..." http://www.utpinux.org http://waltico.utpinux.org