Hi Luca, Are your internal IP addresses in the /etc/squid/sbloccati_ip.acl file ? If my guess about your network configuration is correct (the NAT router and the Squid server are the same machine), then the NAT doesn't take effect when the clients connect to your Squid process. So, you should put the clients' IP addresses in the ACL file, not the NAT-ed IP addresses. I hope it helps ! George Iosif >>> Luca Ferrari <fluca1978@xxxxxxxxxxx> 09/24/07 7:06 PM >>> Hi all, I'm running squid on ubuntu server 7.04 (squid 2.6) and I'm getting a trobule copying the old config (worked on squid 2.4) to the new squid. I'd like to use the squid as transparent proxy, and thus I've got iptables redirecting all the stuff from the port 80 to the port 8080. If I manually set the proxy in a browser I can surf, but if I try to use it transparently I got a "unable to forward the request at this time" message error. I've found that it only happens if I take this acl enabled: acl sbloccati_ip src "/etc/squid/sbloccati_ip.acl" http_access allow sbloccati_ip if I comment out the http_access line I got the squid working, and the file sbloccati_ip.acl contains a list of ip that are allowed to use the proxy. It is working with other configurations, but I cannot find the solution. I've got the httpd_port 8080 transparent setting. I've checked that the NAT is not breaking the above acl, and I don't know where I can see further. Any idea? Thanks, Luca - To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html - To unsubscribe from this list: send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html