I have SUSE 8.0 and am running SuSEfirewall2 and I have the below setup; ---------------------- | | | DSL Modem | | | ---------------------- | | ---------------------- | | | HUB | | | ---------------------- | | ---------------------- |eth1 eth2 | | | | SuSE Firewall2 | | | | | | eth0 | ---------------------- | | ---------------------- | | | HUB | | | ---------------------- | | | | | | | | | | | | | | L_______ workstation_a WEB1 | | | x.x.x.30 x.x.x.6 | | L_________ workstation_b | | x.x.x.31 WEB2 | x.x.x.7 | | Mail1/ftp1/scp1 x.x.x.8 IP Addresses; eth1 and eth2 are ISP assigned STATIC addresses. I need to permit the exchange of DNS services to my internal machines Internal addresses are 192.168.0.x What I want to do; web traffic on eth1 needs to go to web1 ( port 80 httpmhttps) my work web server pop, ftp and scp traffic on eth1 needs to Mail1/ftp1/scp1 web traffic on eth2 needs to go to web2 ( port 80 http,https) my other web server the workstation_a and workstation_b both shoudl be able to surf the net as well as access the internal pop as well as access external pop as well as any other internet based service. So what the heck do I need to do to my SuSEfirewall2 and SuSEfirewall2-custom files? Any help out there? Thanks. -- Mike Wilsher - Unix/Security/Disaster Recovery PGP = 5E 1C 46 C6 0A 49 FF A6 94 72 2C FA D3 C6 1C 28 9D DF 7E EB NIHRC KC5BOD