Hi,

I have got:

network A with IP address range 192.168.x.x (this side also connects to the internet)
network B with IP address range 10.x.x.x (my internal LAN)
and a router, which is a Linux box, to connect the 2 LANs via routing.

So far so good, the traffic is running between the 2 networks, since I configured the routes on both networks.

     -----------                            -----------
    |   LAN A   |---------ROUTER-----------|   LAN B   |
     -----------                            -----------

My problem is though, I have no restrictions! I know the first few commands like: iptables -P FORWARD DROP, but I want to regulate that WKS_A from LAN_A can communicate with WKS_1 from LAN_B but not with WKS_2 from LAN_B. Or that WKS_1 on LAN_A is allowed to use SSH and nothing else, but WKS_2 on LAN_A can use all TCP/IP services...

Thanks a lot in advance

Gerhard Grutsch
Support services
Tel : 089/55878-151
Mobile : 0172-8391368
E-mail : ggrutsch@statestreet.com
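
One way to express the policy asked about above as FORWARD rules on the router (an added example, not part of the original post). The host addresses are constructed placeholders, since the post only gives 192.168.x.x and 10.x.x.x, and it is assumed that the SSH-only and all-services hosts are reaching LAN B.

```shell
#!/bin/sh
# Constructed sample addresses (assumptions, not taken from the post).
A_WKS_A=192.168.1.10   # LAN A host that may reach WKS_1 on LAN B only
A_WKS_1=192.168.1.11   # LAN A host limited to SSH
A_WKS_2=192.168.1.12   # LAN A host allowed all TCP/IP services
B_WKS_1=10.0.0.21      # the one LAN B host WKS_A may reach
LAN_B=10.0.0.0/8       # LAN B (10.x.x.x in the post)

# IPT is the command run for every rule. The default only prints the
# rules for review; run with IPT=iptables as root to load them.
IPT="${IPT:-echo iptables}"

forward_policy() {
    # Default deny: whatever is not matched below is dropped.
    $IPT -P FORWARD DROP
    $IPT -F FORWARD

    # Return traffic for connections admitted by the rules below.
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # WKS_A -> WKS_1 only. WKS_2 on LAN B is never named as a
    # destination, so the DROP policy keeps it unreachable for WKS_A.
    $IPT -A FORWARD -s "$A_WKS_A" -d "$B_WKS_1" \
         -m conntrack --ctstate NEW -j ACCEPT

    # WKS_1 on LAN A: new connections to TCP port 22 and nothing else.
    $IPT -A FORWARD -s "$A_WKS_1" -d "$LAN_B" -p tcp --dport 22 \
         -m conntrack --ctstate NEW -j ACCEPT

    # WKS_2 on LAN A: any protocol and port towards LAN B.
    $IPT -A FORWARD -s "$A_WKS_2" -d "$LAN_B" \
         -m conntrack --ctstate NEW -j ACCEPT

    # Rate-limited log of what falls through to the DROP policy,
    # useful for checking the rule set against real traffic.
    $IPT -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FWD-DROP: "
}

forward_policy
```

Only connections opened from LAN A are admitted here; hosts on LAN B get replies through the ESTABLISHED,RELATED rule but cannot initiate anything towards LAN A.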