Hi, i want to use Squid 2.5Stable8 on my Debian Sarge System as a transparent Proxy. We've got i Firewall here (debian machine with iptables). The idea is, that the users from the local net (172.21.0.0/16) use the transparent proxy. Squid is running normal on the Proxy Machine and i've set the following options in squid.conf: httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on We've tried the following iptables rules on the firewall: iptables -t nat - A PREROUTING -i "Interface for local net" -s ! "squid-machine" -p tcp --dport 80 -j DNAT -- "squid-machine:3128" iptables -t nat -A POSTROUTING -o "Interface for local net" -s "172.21.0.0/16" -d "squid-machine" -j SNAT --to "localhost" iptables -A FORWARD -s "172.21.0.0/16" -d "squid-machine" -i "Interface for local net" -o "Interface for local net" -p tcp --dport 3128 -j ACCEPT That doesnt work. What is wrong? Thanks for your answers