Hi list, one little question before getting all the weekends lazyness :O) I've got a squid running on firewall and i disabled nat in order to constrain client boxes using it. I do : ipchains -I input -i $DEV_INT -d 0.0.0.0/0 80 -p tcp -j REDIRECT 8080 --log all works fine and the log shows client access that is redirected. Then i do ipchains -I input --dport 8080 -p tcp -j ACCEPT --log ipchains -I output -i $DEV_INT -p tcp -j ACCEPT --log and no log entrys comes up and clients browser fail. Called address was http://193.99.144.71/, so DNS is irrelevant. Using 2.2.19 and just know, that transproxy support has to be enabled. Kernel sources are not on the box and i dont know how to determine, whether its compiled like that. Is there any chance to check that out, e.g. via /proc ? *AND* , if support is enabled, where else may problem lie. Squid works fine using it directly on port 8080 :O) Yours Michael