Hi, I'm using ipchains and I'm masquerading my internal LAN. All working fine, so far. I want to allow access to a server running on a given port on an internal machine. So it would seem that I need to allow that port into the firewall, and also forward that port to the internal machine on the port where the server is running. I'm a bit confused about how to do this, can anyone help? This is what seems to be needed to allow access in and out of the firewall machine: # Allow access to that port on the firewall ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \ -d $MYIPADDR $SERVER_PORT -j ACCEPT -l ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \ -s $MYIPADDR $SERVER_PORT -j ACCEPT -l What I'm unclear on is how to write the forward rule, if that's what I need, to forward the port on the firewall machine to the port on the internal machine. I'm not sure if I can "simply" write a ipchains -A forward rule or if I need to use something like ipmasqadm in addition to ipchanis. Thanks, Bill Moseley mailto:moseley@hank.org -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/