Hello, I have installed Shorewall 2.0b with three interfaces and squid-proxy. Also, I have internal DNS server running in the same server where I have my web page. Connections from internet can view my web pages but not my internal users if I configure the browser to use squid. Without squid everything it''s ok. Here is my shorewall configuration: /etc/shorewall/rules: REDIRECT loc 8080 tcp www - - DNAT net dmz:192.168.1.136 tcp 3000 - - DNAT loc dmz:192.168.1.136 tcp 3000 - - # Accept DNS connections from the firewall to the Internet # ACCEPT fw net tcp 53 ACCEPT fw net udp 53 # Accept SSH connections from the local network to the firewall and DMZ # ACCEPT loc fw tcp 22 #ACCEPT loc dmz tcp 22 # # DMZ DNS access to the Internet # ACCEPT dmz net tcp 53 ACCEPT dmz net udp 53 # # Make ping work bi-directionally between the dmz, net, Firewall and local zone # (assumes that the loc-> net policy is ACCEPT). # ACCEPT net fw icmp 8 ACCEPT loc fw icmp 8 ACCEPT dmz fw icmp 8 ACCEPT loc dmz icmp 8 ACCEPT dmz loc icmp 8 ACCEPT dmz net icmp 8 ACCEPT fw loc icmp 8 ACCEPT fw dmz icmp 8 ACCEPT net dmz icmp 8 /etc/shorewall/policy loc net ACCEPT loc fw ACCEPT loc loc ACCEPT # If you want open access to the Internet from your Firewall # remove the comment from the following line. fw net ACCEPT fw dmz ACCEPT fw loc ACCEPT # Also If You Wish To Open Up DMZ Access To The Internet # remove the comment from the following line. dmz net ACCEPT dmz fw ACCEPT dmz loc ACCEPT net all DROP info all all REJECT info Can anyone tell me what I doing wrong? Thank you.