this is my iptables rules iptables -A PREROUTING -p tcp -m tcp --dport 30000:60000 -j REDIRECT --to-ports 50000 port 5000 is the squid's listing port. What i want to do is to assign each user an unique port number and rely upon the port number in the access log for accounting. OK,the procedures will be something like this: 1,When an user register an account at the site, assign the user a random port number and associate it to the username in database 2,Open the port using iptables 3,use the %>lp symbol to record the connected port number in access log. 4,Parse the access log and insert relevant accounting data into the database 5,Automatically ban ip if port scanning is detected i'm stuck at the step 3 as i'm unable to get the connected port number in forward proxy mode Do you think this can work reliably in reality? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/how-can-i-get-the-localport-in-forward-proxy-mode-tp4666888p4666890.html Sent from the Squid - Users mailing list archive at Nabble.com.