>I dont know what mangle rule I need to mark squid transparent packets, I >have tried all the following (One at a time): Because Squid practically starts a new connection, you need special help from squid itself to mark outgoing packets based on incoming ones. This is done by TPROXY, a netfilter module from Balabit.com. Unfortunately, they do not have a version for 2.6.11 and up yet. Jan Engelhardt -- | Alphagate Systems, http://alphagate.hopto.org/
