Hello, Ok -- I had my firewall working perfectly with a default policy in affect: iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP It was also working great for the 22 virtual IP addresses. I then though about the NAT chains (PREROUTING,OUTPUT and POSTROUTING) and figured they should have a default policy as well. I added that to the list and not I can not start a out going connection from the firewall. So my question is do I need default policies for the NAT chains ? If so it would seem like I need some rules added twice ? Any suggestions would be appreciated :) -- Michael Gale Network Administrator Utilitran Corporation
