It looks like you would like to do source NAT on the incoming packets. There is a good tutorial online: http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html Paul -----Original Message----- From: mick [mailto:mick@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, June 18, 2003 10:54 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Ip handling I have a delema and i'm not sure how to handle it. I run a login server on port 5999 that does authentication based on IP address. So when someone with a dynamic internet connection tries to login with a differnt IP then the registered one, The login server rejects them. I am not good enough with Iptables to know if it is possible or not but is there some way to make it so all connections to that PORT(5999) appear to come from my Local network 192.168.0 The other method i thought about was running my authentication/login server on another machien behind the firewall. but i think i would have to make all packets coming from the inter net to that port appear to come from the local network prior to forwarding them to the Other server. both of which i am unsure how to accomplish. The Authentication server is a binary that is not linux/unix nativly so at this time i can not recode it and remove the IP matching function. Any help with this problem is greatly appreciated. Mick Does anyone know of a way to make say all connections from the outside going to my outside IP address Appear to be coming from my local lan of 192.168.0.1