Hello, i got the following problem: I have a firewall server mounting Susefirewall2, with 2 internal ethernet board and 1 external. From the outside, i got at my disposal a series of IP address, e.g. from 100.100.100.1 to 100.100.100.64, configured on the external ethernet like alias. I'll call this board eth0. Others 2 boards have a part of the 192.168.0.0 net,e.g. eth1 has 192.168.0.1 IP address with 255.255.255.128 netmask, while the eth2 has 129.168.0.129 IP and the same netmask like eth1. Internal machines supply services to the external of the firewall, and they are reached only trough the rules of FW_FORWARD_MASQ, e.g. 0/0,192.168.0.5,tcp,80,80,100.100.100.3 forwards the request reached on the 80 port on the public IP 100.100.100.3 to the 80 port on the private IP 192.168.0.5. Machines under the eth1 net talk without problems with the firewall and with machines under the eth2 net and vice versa. The problem begins when an internal machine 192.168.0.x try to enter to one of the public IPs on the external interface of the firewall, e.g. when 192.168.0.9 try to contact http://100.100.100.3 the IP gots blocked from the firewall. How can i do to remove this block? Bye Thanks -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org