Purpose of self-referential rule

I've been experimenting with gShield trying to learn the ins and outs
of iptables.  One of the rules it generates is:

iptables -A INPUT -s 192.168.6.0/24 -d 192.168.6.0/24 -i eth1 -j ACCEPT

The source and dest are correct for my internal network, and eth1 is
the internal net.  My question is, when would the firewall ever see a
packet that could possibly match this?  Any packet with a source and
destination on the same network would send the packet directly (no
routing, thus no firewall).

What am I missing?

thanks,
Kelly
--
Kelly Setzer, System Administrator/Architect - Placemark Investments
14180 Dallas Pkwy, Suite 200, Dallas, TX 75240
kelly.setzer@placemark.com  http://www.placemark.com
(972)404-8100x41 (work)       (214) 287-3464 (cell)
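
Added illustration, not part of the original post and not gShield's code: a small Python model of which received packets traverse the INPUT chain and match the rule quoted above. The firewall's eth1 address (192.168.6.1), the external interface name eth0 and the sample packets are assumptions constructed for the example.

```python
import ipaddress
from dataclasses import dataclass

LAN = ipaddress.ip_network("192.168.6.0/24")       # -s / -d from the rule
FW_ADDRS = {ipaddress.ip_address("192.168.6.1")}   # assumed address of eth1

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    in_iface: str

def chain_for(pkt: Packet) -> str:
    """Filter chain traversed by a packet the firewall has received.

    INPUT sees packets addressed to the firewall itself (one of its own
    addresses, or the subnet broadcast); packets it routes onward go
    through FORWARD instead. Simplified model of the routing decision.
    """
    dst = ipaddress.ip_address(pkt.dst)
    if dst in FW_ADDRS or dst == LAN.broadcast_address:
        return "INPUT"
    return "FORWARD"

def rule_matches(pkt: Packet) -> bool:
    """-A INPUT -s 192.168.6.0/24 -d 192.168.6.0/24 -i eth1 -j ACCEPT"""
    return (chain_for(pkt) == "INPUT"
            and pkt.in_iface == "eth1"
            and ipaddress.ip_address(pkt.src) in LAN
            and ipaddress.ip_address(pkt.dst) in LAN)

SAMPLES = {  # constructed packets, not captured traffic
    "LAN host to firewall itself": Packet("192.168.6.20", "192.168.6.1", "eth1"),
    "LAN host to subnet broadcast": Packet("192.168.6.20", "192.168.6.255", "eth1"),
    "LAN host routed to outside": Packet("192.168.6.20", "203.0.113.5", "eth1"),
    "internal source seen on eth0": Packet("192.168.6.20", "192.168.6.1", "eth0"),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(f"{label:30} chain={chain_for(pkt):8} match={rule_matches(pkt)}")
```

On a live firewall, the packet and byte counters shown by `iptables -L INPUT -v -n` indicate whether the rule is being hit.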

