I haven't gotten into IPTables yet (I'm going to now though.  I get to
upgrade the firewall here at work. Yippee!) so I can't really help all that
much.
Just a suggestion.  Check out Junkbuster (www.junkbuster.com).  It blocks
ads and ad sites.  You can even set it up to replace the ads with a very
small picture (the standard is the junkbuster logo), like a 1x1 pixel pic.
Very nice.  Doesn't affect the look of the page though.  If you don't set it
up to replace the ad with a pic the browser just uses the missing
picture/data thing.

It has a lot of other features also.  Cookie proxy.  Secure HTTP proxy.  Lots
of fun stuff.  You can set up Junkbuster and Squid to work together (which is
supposed to be the best configuration anyway).

Just a thought (and a small one at that)
sim