Hello, I'm new to this firewall stuff. I need help to open up my private-IP DMZ to the internet. My network is like this: 192.168.1.x _______202.x.y.z _______ ---LAN--------+ Firewall + -----------+ Router +--------- internet |________| |_______| | DMZ (192.168.8.x) I have been able to setup ipchains firewall rules such that: 1. Database server in LAN can update the web server in DMZ 2. Users in LAN can browse internet via IPmasq But, this one I have no idea how to do: 3. Public from internet can access the private-IP web/dns/email servers. (do people call this port-forwarding or something?) Can somebody help me with no.(3)? Thanks in advance, azman