Hi,

I'm having some bother setting up a firewall, and although the problem is pure networking I just thought I'd check I'm not doing something stupid.

We have a network here with a large number of proper unique IP addresses. This is both for servers and workstations which people like to log into etc. from offsite. What I'd like to do is put in some 'seamless' firewalling, i.e. retain our unique IP addresses but firewall the connection to them to only allow secure connections and log the traffic.

To do this I'm putting in a Linux box with two NICs between our incoming connection and the primary hub. I'm aware that using non-routables would be easier and more secure, but that would mean a complete overhaul of our setup and messing about with proxies.

The problem is that this means the two NICs on the firewall are on the same subnet. There appears to be some problem with routing in this setup. I've not tried to do anything fancy, just set up eth0 and eth1 as normal.

Any comments? I'd really rather avoid a wholesale move to 192.168.x.x if possible.

Cheers,

JB

--
John Bland M.Phys (Hons) AMInstP
PhD Student & Sys Admin
Condensed Matter Group
Liverpool University
Email: j.bland at cmp.liv.ac.uk
http://ringtail.cmp.liv.ac.uk/
"Hey, I wonder how much meat you get on a womble?" -- Eddie