: > What exactly do you mean here? Do you wish to use fwmark as a : > selector for traffic control? : : Not sure if I mean fwmark. However Stef's docs are on my reading : list. Basically I will want to simulate different types of firewalls : per iprange. Meaning -- the basic firewall config I will allow : anything out and only responses into the "network" and on a more evil : admin type firewall I would like to block various ports from outbound : access. I think you'll find iptables more than adequate. For the packet filtering, mangling/marking and NAT (if you need it), you'll find iptables more than adequate. For traffic control, you'll use tc, which is part of the iproute2 package. (Note, that the tc with htb support is currently only available via the main HTB page, as a patch or binary.) : Which would be better ipchains or iptables? iptables if you have a choice. For iptables help: http://iptables-tutorial.frozentux.net/ Is the best place to start. -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@xxxxxxxxxxxxxx