Hi,

Does this FORWARD chain look ok in a simple NAT network where the Linux box is connected to the net?

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
REJECT     tcp  --  192.168.10.1         0.0.0.0/0           tcp dpt:80 reject-with icmp-port-unreachable

Is source 0/0 OK? Should it be 192.168.10.0/24?
Will the third rule block outgoing connections from 192.168.10.1 to any server at port 80?

Thanks a lot and eagerly waiting for the reply.

With warm regards,
-Payal

--
"Visit GNU/Linux Success Stories"
http://payal.staticky.com
Guest-Book Section Updated.