hello list! I have installed firewals 2.1-5 on one of my machines. it has two internal devices (eth0: 192.168.0.10, eth1: 192.168.1.10) and one external (ippp0). both internal nets can connect to the internet w/o problems, but connecting to each other seems to be a problem, since there is no customizable ruleset in the firewall config for that (routing, forwarding etc. between internal ifaces) --snip-- Chain forward (policy DENY): target prot opt source destination ports fw_masq all ------ 192.168.0.0/23 0.0.0.0/0 n/a DENY all ----l- 0.0.0.0/0 0.0.0.0/0 n/a --snip-- after executing --snip-- ipchains -D forward 2 ipchains -A forward -s 192.168.0.0/23 -d 192.168.0.0/23 -j ACCEPT --snip-- the machines on the two different nets can connect to each other. the firewall is also a smb server, hence it tries to broadcast to both nets, which unfortunately is also denied. any idea to modify the SuSEfirewall script that it fits my needs? I'm not that familiar with ipchains :( thanx in advance. Mit freundlichen Grüssen | Wolfram Schlich ------------------------------------------------------------------ | E-Mail: wolfram@schlich.org * ICQ #: 35713642 | Postal: Berghof * 56626 Andernach * Germany | Tel.: +49-(0)2636-941194