Hi everyone,

I installed Ubuntu Server 8.04, and on it I installed a Squid server 2.6 stable 18, Shorewall and Webmin. The system is meant to be a gateway with 2 interfaces, eth0 to the LAN and eth1 to the net, and it is meant to be a Squid cache for our LAN.

In the Shorewall policy I said to allow everyone from everywhere:
net loc ACCEPT
loc net ACCEPT
loc all ACCEPT
$FW all ACCEPT
net all ACCEPT



And in its rules I said to DNAT HTTP requests to Squid:
DNAT loc net:86.109.37.6:3128 tcp www
REDIRECT net 3128 tcp www


Now my Squid is running and works very well, but I can't get a response for HTTPS, FTP, or any other protocol which needs a connection through Shorewall. With this policy ICMP packets are transferred and I can ping websites,
and with a DNS server running on this system, DNS packets travel through Shorewall, but there is no response to HTTPS or FTP.

I used these rules but they didn't work:

###########
DNAT lo net:86.109.37.5 tcp 20,21
ACCEPT net lo tcp 20,21
ACCEPT lo net tcp 20,21
DNAT net lo:86.109.37.6 tcp 20,21

############
ACCEPT fwall net tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission
ACCEPT fwall net udp https

ACCEPT net fwall tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission
ACCEPT net fwall udp https

DNAT lo net:86.109.37.5 tcp ssh,https,smtp,pop3,pop3s,imap2,imaps,submission
DNAT lo net:86.109.37.5 udp https

DNAT fwall net:86.109.37.6 tcp ssh,https,smtp,pop3,pop3s,imap2,imaps,submission
DNAT fwall net:86.109.37.6 udp https


###########


What must I do? I searched the internet but found nothing; they say this works, but it didn't.