diff --git a/disable-rp-filter.sh b/disable-rp-filter.sh
new file mode 100755
index 0000000..270d059
--- /dev/null
+++ b/disable-rp-filter.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+sysctl -a|grep \.rp_filter|gawk '{print $1}' |xargs -I{} sysctl -w {}=0
diff --git a/install-ngtech-squid.sh b/install-ngtech-squid.sh
new file mode 100755
index 0000000..1ff75b9
--- /dev/null
+++ b/install-ngtech-squid.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+dnf module disable squid -y
+
+cat <<EOF > /etc/yum.repos.d/ngtech-squid.repo
+[ngtech-squid]
+name=Rocky Linux \$releasever - NgTech Squid Repo
+#mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=\$basearch&repo=BaseOS-\$releasever
+baseurl=https://www.ngtech.co.il/repo/rocky/\$releasever/\$basearch/
+gpgcheck=0
+enabled=1
+countme=1
+EOF
+
+dnf check-update
+
+dnf install -y squid squid-helpers
+
+dnf install -y epel-release
+
+crb enable
+
+dnf install -y epel-release
+
+dnf install -y iptstate atop htop conntrack-tools curl jq wget iptables-services iptables-utils \
+	tcpdump 
+
+systemctl disable firewalld --now
+
+cp -vf rules.v4 /etc/sysconfig/iptables
+cp -vf rules.v6 /etc/sysconfig/ip6tables
+
+
+systemctl start iptables
+systemctl start ip6tables
+
+systemctl enable iptables
+systemctl enable ip6tables
diff --git a/rules.v4 b/rules.v4
new file mode 100644
index 0000000..e69de29
diff --git a/rules.v6 b/rules.v6
new file mode 100644
index 0000000..e9d7fd8
--- /dev/null
+++ b/rules.v6
@@ -0,0 +1,37 @@
+# Generated by ip6tables-save v1.8.5 on Tue Aug 27 02:40:47 2024
+*filter
+:INPUT ACCEPT [9:758]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [9:608]
+COMMIT
+# Completed on Tue Aug 27 02:40:47 2024
+# Generated by ip6tables-save v1.8.5 on Tue Aug 27 02:40:47 2024
+*security
+:INPUT ACCEPT [9:758]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [9:608]
+COMMIT
+# Completed on Tue Aug 27 02:40:47 2024
+# Generated by ip6tables-save v1.8.5 on Tue Aug 27 02:40:47 2024
+*raw
+:PREROUTING ACCEPT [9:758]
+:OUTPUT ACCEPT [9:608]
+COMMIT
+# Completed on Tue Aug 27 02:40:47 2024
+# Generated by ip6tables-save v1.8.5 on Tue Aug 27 02:40:47 2024
+*mangle
+:PREROUTING ACCEPT [9:758]
+:INPUT ACCEPT [9:758]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [9:608]
+:POSTROUTING ACCEPT [9:608]
+COMMIT
+# Completed on Tue Aug 27 02:40:47 2024
+# Generated by ip6tables-save v1.8.5 on Tue Aug 27 02:40:47 2024
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
+# Completed on Tue Aug 27 02:40:47 2024