Bob, Cath is right. If you read the manual, it says that in transparent mode, it will catch only port 80 traffic or https if that is enabled. I guess the problem is that I am so used to using proxy in standard mode, in which it will catch certain protocols without any further packet filter rules as long they are in the allowed target services.

In standard mode, all ftp traffic is handled just like http traffic with all the fancy download graphs and blocked messages that you expect to see. If you enable the seperate FTP proxy (frox), it runs a seperate proxy which doesn't include any of these features. I wonder why didn't they implement transparent mode for in house proxy. Maybe to be more verbose for the command line ftp clients?

I guess the real bug is that the allowed target services only works for standard proxy modes, although it is available in any mode.