If you didn't just make a typo in the transcription of this, you may want to check your LAN side address. Your LAN_NET in this is not the subnet that your LAN_IP is on.. I wonder if this is confusing your rules? -Steve -----Original Message----- LAN is a private network: LAN_IFC=eth0 LAN_NET=192.168.0/24 LAN_IP=192.168.1.1 WAN is the internet: WAN_IFC=eth1 WAN_NET=209.217.118.0/29 WAN_IP=209.217.118.226
