--- Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx> wrote: > > [Firewall]: > > iptables -t nat -A PREROUTING -i eth0 -p tcp > --dport > > 80 -j DNAT --to 192.168.1.2:3128 > > This only kind of works, but very tricky to get > right. > > First problem is that the proxy box MUST be > configured to route return > traffic to the clients via the firewall when using > iptables like this. > Henrik, How to configure proxy to route return traffic via firewall? I try rules "iptables -t nat -A PREROUTING -i eth0 -s ! 192.168.1.2 -p tcp --dport 80 -j DNAT --to 192.168.1.2:3128" but won't work correctly. any help would be great. Thanks. Zul __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com