Hello again. Suppose I have the following setup: |-----------| |-----------| LAN<--|---eth0 ---| <------LINUX Router-------> |---eth1 ---|------>INTERNET |-----------| |-----------| eth0 = 192.168.0.1 (LAN) eth1 = 194.105.23.2 (INTERNET) As a basic configuration my Linux box is in fact a NAT box and an "iptables-based" firewall. The box works excellent for protecting my LAN. Now, I have bought a class of 8 IP's (real ones). Those IP's were routed by my ISP to my little Linux box. I have assigned 5 of these 8 IP's to some computers in my LAN, as they need real IP's on them. One of them is placed on an alias to eth0. (eth0:0 = 213.154.255.209). The new gateway for these 5 computers is in fact 213.154.255.209 (eth0:0), and as far as my judgment goes they are completely exposed to attacks. Is there any possibility to make my Linux box work as a firewall, not only for the NAT-ed machines, but also for these 5 computers that have real IP's? Thanks in advance. _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/