Hi, all, I searched the archives for this and only saw one short thread regarding the topic. Since squid 2.5 came out, I have been using squid and squidguard it to secure the wireless network at my office building, forcing employees to enter a password that changes on a regular basis before allowing them to use the internet. I have been accomplishing that with a squid config file that boils down to the following: http_port 3128 8282 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on ... ... redirect_program /usr/bin/squidGuard redirect_children 10 acl unauthorized myport 8282 redirector_access allow unauthorized acl all src 0.0.0.0/0.0.0.0 http_access allow all icp_access allow all So basically your typical transparent proxy setting. Before a user is authenticated, iptables is redirecting port 80 to port 8282, which then goes to squidguard, which does its redirector magic. After authentication, iptables redirects to port 3128, and plain old transparent proxy takes place. This has been working beautifully up until 2.5.stable9, and has been broken (or "fixed", depending on who you ask!) ever since then. Nothing ever gets sent to squidguard now, it seems that the "myport 8282" acl never matches, and everything winds up going to "acl all src 0.0.0.0/0.0.0.0". Is there any way to make "myport" or "myip" work anymore in a transparent proxy situation? Thanks in advance for any help, -Dave