diff --git a/docs/Shorewall_Squid_Usage.xml b/docs/Shorewall_Squid_Usage.xml
index 1efbac6b8..83fc00563 100644
--- a/docs/Shorewall_Squid_Usage.xml
+++ b/docs/Shorewall_Squid_Usage.xml
@@ -348,12 +348,12 @@ Tproxy 1 - - lo - tproxy
/etc/shorewall/tcrules (assume loc interface is
- eth1):
+ eth1 and net interface is eth0):
- MARK SOURCE DEST PROTO DEST SOURCE
- PORT(S) PORT(S)
-DIVERT - 0.0.0.0/0 tcp 80
-DIVERT - 0.0.0.0/0 tcp - 80
+ FORMAT 2
+#MARK SOURCE DEST PROTO DEST SOURCE
+# PORT(S) PORT(S)
+DIVERT eth0 0.0.0.0/0 tcp - 80
TPROXY(3129) eth1 0.0.0.0/0 tcp 80
The DIVERT rules are used to avoid unnecessary invocation of TPROXY
@@ -365,5 +365,11 @@ TPROXY(3129) eth1 0.0.0.0/0 tcp 80
#ACTION SOURCE DEST PROTO DEST PORT(S)
ACCEPT loc $FW tcp 80
ACCEPT $FW net tcp 80
+
+ /etc/squid3/squid.conf:
+
+ ...
+http_port 3129 tproxy
+...