I have 2 linux machines - linux_1 and linux_2 linux_1 has behind it a subnet with routable adresses (not private) I want that all the traffic incoming from the subnet behind linux_1 and going to port 80 to be redirected to linux_2, and from linux_2 go on the internet I presumed that a -j SNAT --to-source IP_linux_2 should be enough, but apparently it isn't should I issue a SNAT rule on linux_2 too, or it should run something like squid there ? thanks in advance, petre -- 8:22AM up 50 mins, 1 user, load averages: 0.11, 0.05, 0.01