Hello OpenSuSE, I have been trying/experimenting with setting up my SOHO network of about 5 computers, most of which are running OpenSuSE 15.4 x64, and one (my main gateway computer to the internet) running OpenSuSE 15.3 x64. All systems are using the Plasma/KDE desktop. My main gateway computer is called "quasar" and the other systems have names such as "bigbang", "nova", etc... My network is split into 2 halves, 192.168.10.0/25 is my "internal" zone, and 192.168.10.128/25 is my "dmz" zone. Except for "quasar" each computer has 2 NIC's, one for each of my zones. Addresses and default routes are assigned by a dhcpd server, and that much is working fine (AFAIK) at the moment. "Quasar" has 3 NIC's, one of which is for my "external" zone, and the other two are for my "internal" and "dmz" zones respectively. The "internal" zone NIC is given a static IP address of 192.168.10.100 and the "dmz" zone NIC is given a static IP address of 192.168.10.200. My "external" zone NIC has been assigned 5 different public IP4 addresses, all statically assigned by using the YaST2->Network Card Setup to assign one of these public IP4 addresses to the NIC card itself, and the other 4 public IP4 addresses are assigned to this same "external" NIC card as additional addresses for that "external" NIC card. What I want to accomplish is to set up the routing so that any incoming traffic to one of these external additional IP4 addresses, on a port, gets routed from "quasar" to one of my other computers on the DMZ side of my network on the same port number. So for example, lets say there is incoming traffic whose destination is 111.111.111.112:10. I want this to be routed/forwarded to my internal computer called "Nova" at it's DMZ address of say 192.168.10.210:10 and I don't want to specify a rule for each and every port number specifically. Different computers will have different services listening on different ports. How do I accomplish this? So far I have tried lots of combinations of setting up rich and direct rules in firewalld, using firewalld's port forwarding rules, using the route tables in Yast2 -> Network Setup, and trying to write iptables rules directly. I have turned on masquerading of course or used nat/dnat rules in iptables. This seems like it should be fairly straight-forward, but I have found no joy getting this to work. (and have spent many days trying to grok a solution) I would sure appreciate it if any guru here could show me how to accomplish this wretched task before I pull all my hair out! One caveat, it would be extremely difficult for me to run extra cables and I really really want to accomplish this virtually with only software configuration solutions. Thanks with much appreciation for helping me with this! Marc..