I'm follow up every step via this link http://web.suffieldacademy.org/ils/netadmin/docs/software/squid/ and everything that work fine. -----Original Message----- From: admin@xxxxxx [mailto:admin@xxxxxx] Sent: Saturday, March 29, 2008 4:04 AM To: squid-users@xxxxxxxxxxxxxxx Subject: TPROXY but without bridging? Hello, I'm using Squid Cache: Version 2.6.STABLE18 Is there posibility to use it as fully transprent proxy (with tproxy) but without bridging interfaces? My topology: [router 0]---[Internet] | | [===switch=======================] | | | [squid] [ router a ][ router b ] ..... to routers a,b... are connected clients. On that routers I have DNAT --to-destiation squid:80 On squid machine i have 2.6.25-rc7 kernel and Squid with patches from http://people.balabit.hu/panther/tproxy/. And: iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY \ --tproxy-mark 0x1/0x1 -on-port 3128 iptables -t mangle -N DIVERT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 squid.conf: .. http_port 3128 transparent tproxy tcp_outgoing_address [machine ip] .. When I test this configuration webservers logs connection from clients from routers a,b... with ip of squid machine. So tproxy doesnt' work. Can I fix it? PS. It's urgent for me, please help;) Regards, Tomasz