On our squid box, we are trying to prevent squid from caching several hosts and or hosts with various parameters in the url. The squid proxy is manadory by several iptables rules. The relevant squid directives and iptables are below. Any idea what is being done wrong here? The Squid box is currently running Debian 3.0 w/ Squid version: [squid.conf] heirarchy_stoplist cgi-bin ? msoe.edu 155.92 bank cfm php phtml shtml\ asp pl jsp acl NOCACHEQUERY urlpath_regex cgi-bin \? msoe.edu 155.92 bank cfm php\ shtml asp jsp pl phtml no_cache deny NOCACHEQUERY acl mibank dstdomain .mibank.com no_cache deny mibank [iptables relevant rules] iptables -t NAT -A PREROUTING -i eth2 -s ! $SOURCE -p tcp --dport 80 -j\ DNAT --to ${PROXY}:80 $SOURCE is defined as our dmz, and squid is running on port 80. $PROXY is defined as the IP of our proxy. Right now, the conenctions to our various nocache hosts, are being rejected, and it is defiently squid, as without squid rules in the firewall, the sites work fine. Any Ideas or Suggestions? -- Jonathan Kline Milwaukee School of Engineering klinej at msoe.edu PGP Key fingerprint = 8923 7266 CC84 6D39 6AEA 2313 4241 7851 068E BD2A PGP Key ID = 068EBD2A