That's the thing... if I enable the ebtables rules the bridging of http on the local network stops but squid shows no activity even though the tproxy counters increase. If I wget to 0.0.0.0 my squid shows the wget connection but returns a gateway error so I know the squid is replying to requests it receives. I'm thinking perhaps the traffic might be being directed to the bridge route instead of lo which would cause it to die.

2010/4/2 Henrik Nordström <henrik@xxxxxxxxxxxxxxxxxxx>:
> Fri 2010-04-02 at 09:47 -0700, Kurt Sandstrom wrote:
>
>> 2 things I may try this evening... grab tcp traffic from eth0 and br0
>> to see if redirected port 3129 is being routed out of the system
>> instead of to the localhost. Then try (a shot in the dark) changing:
>
> Which MAC address is being used on the packets sent out?
>
> Have a feeling the packets never get diverted off the bridge.. if so
> then the MAC is unchanged when the packet is sent out.
>
> If the packet did get diverted from the bridge to routing then the
> source MAC of the packets when leaving the server will be that of br0.
>
> Another sign to look for is if the IP ttl gets decremented. If the packet
> is being bridged then ttl stays the same, if it's being routed then ttl
> is decremented by one.
>
> Regards
> Henrik
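
The MAC and TTL check described in the quoted reply can be automated. The following is an added example, not part of the original thread: it pairs packets from two `tcpdump -e -n -v` text captures (one per side of the bridge) by IP id and addresses, then applies the two signs. The capture text, MAC addresses, IP addresses and function names are constructed for illustration.

```python
import re

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
# Line 1 of a `tcpdump -e -n -v` IPv4 record (Ethernet + IP header); line 2 is "src > dst:".
HDR = re.compile(rf"(?P<smac>{MAC}) > {MAC}, ethertype IPv4 .*?"
                 r"\(tos \S+ ttl (?P<ttl>\d+), id (?P<id>\d+),")
FLOW = re.compile(r"^\s+(?P<src>\S+) > (?P<dst>\S+):")

def parse(capture):
    """Map (ip_id, src, dst) -> (source MAC, TTL) for each packet in the text."""
    packets, pending = {}, None
    for line in capture.splitlines():
        hdr, flow = HDR.search(line), FLOW.match(line)
        if hdr:
            pending = hdr
        elif flow and pending:
            key = (int(pending["id"]), flow["src"], flow["dst"])
            packets[key] = (pending["smac"], int(pending["ttl"]))
            pending = None
    return packets

def classify(ingress, egress, br0_mac):
    """Label every ingress packet by comparing it with its copy on egress."""
    seen_out, verdicts = parse(egress), {}
    for key, (in_mac, in_ttl) in parse(ingress).items():
        out_mac, out_ttl = seen_out.get(key, (None, None))
        if out_mac is None:
            verdicts[key] = "not seen on egress"
        elif out_mac == in_mac and out_ttl == in_ttl:
            verdicts[key] = "bridged"   # source MAC and TTL both unchanged
        elif out_mac == br0_mac and out_ttl == in_ttl - 1:
            verdicts[key] = "routed"    # source MAC is br0, TTL decremented by one
        else:
            verdicts[key] = "inconclusive"
    return verdicts

# Constructed sample captures (documentation IP ranges, made-up MACs).
BR0_MAC = "02:00:00:00:00:b0"
INGRESS = """\
09:47:01.000001 02:00:00:00:00:0a > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 4660, offset 0, flags [DF], proto TCP (6), length 60)
    192.0.2.10.51234 > 198.51.100.80.80: Flags [S], seq 1, win 5840, length 0
09:47:02.000001 02:00:00:00:00:0a > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 4661, offset 0, flags [DF], proto TCP (6), length 60)
    192.0.2.10.51235 > 198.51.100.80.80: Flags [S], seq 1, win 5840, length 0"""
EGRESS = """\
09:47:01.000101 02:00:00:00:00:0a > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 4660, offset 0, flags [DF], proto TCP (6), length 60)
    192.0.2.10.51234 > 198.51.100.80.80: Flags [S], seq 1, win 5840, length 0
09:47:02.000101 02:00:00:00:00:b0 > 02:00:00:00:00:01, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 63, id 4661, offset 0, flags [DF], proto TCP (6), length 60)
    192.0.2.10.51235 > 198.51.100.80.80: Flags [S], seq 1, win 5840, length 0"""
```

`classify(INGRESS, EGRESS, BR0_MAC)` labels the first constructed packet `bridged` and the second `routed`.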