Hi, I have a firewall which also serves as a transparent proxy system. So all forward 80 ports are sent to the localhost(I think)'s 3129 port. I've read http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect, and my netfilter rules are: LO_REDIRECT=3129 $IPTB -t nat -A PREROUTING -i $INET_IF -s $INET_IP -p tcp \ --dport $HTTP -j ACCEPT $IPTB -t nat -A PREROUTING -i $DMZ_IF -p tcp -s $LAN_NET --dport $HTTP \ -j REDIRECT --to-ports $LO_REDIRECT $IPTB -t nat -A POSTROUTING -o $INET_IF -p tcp -j MASQUERADE $IPTB -t mangle -A PREROUTING -p tcp --dport $LO_REDIRECT -j DROP squid.conf: http_port 3129 transparent (are there other options that I need to consider?) >From within the LAN_NET, I get a time out error. If I do a tcpdump on the firewall and am getting traffic to the remote host on port 80 from the lan host. Somehow this setup isn't running well. If someone can clarify what I might be doing wrong and/or ways I can debug this, I'd appreciate it. The squid's access.log is empty. So traffic isn't going through squid's proxy. but I'm using the same netfilter rules as the aforementioned link. Any help appreciated Ed
