NNTP works well on my firewall, but doesn't work at all on client computers that reside behind my firewall. i put this iptables line in my custom firewall script file. under "fw_custom_after_antispoofing()" i have iptables -N network1_in iptables -N network1_out iptables -A FORWARD -i eth2 -o eth1 -j network1_in iptables -A FORWARD -i eth1 -o eth2 -j network1_out iptables -t nat -A POSTROUTING -o eth2 -p tcp -s $mynet --sport 1024:65535 -d 0/0 --dport 119 -j SNAT --to $my_ext_ip iptables -A network1_out -p tcp -s $mynet --sport 1024:65535 -d 0/0 --dport 119 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A network1_in -p tcp -s 0/0 --sport 119 -d $mynet --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT but it still doesn't work ? what could be the problem ? "Who the heck is General Failure, and why is he reading my harddisk?" __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com