> My iptables look like this: > > root@Base:/home/dave# iptables -t nat -L > Chain PREROUTING (policy ACCEPT) > target prot opt source destination > DNAT tcp -- anywhere anywhere tcp > dpt:www to:192.168.60.254:3128 > DNAT tcp -- anywhere anywhere tcp > dpt:https to:192.168.60.254:3128 > DNAT tcp -- anywhere anywhere tcp > dpt:3128 to:192.168.60.254:3128 > DNAT tcp -- anywhere anywhere tcp > dpt:webcache to:192.168.60.254:3128 > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > MASQUERADE 0 -- 192.168.60.0/24 anywhere > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > But still no joy.... > What about iptables' INPUT chain. try to add below. #For squid traffic to Accept iptables -A INPUT -i eth1 -d 192.168.60.254 -p tcp -s 192.168.60.0/24 --dport 3128 -j ACCEPT I assume eth1 is the interface connected to LAN. -- Thank you Indunil Jayasooriya
