Hello, My server is on Mandriva 10.1 eth0 is WAN with static IP connected to 512K DSL eth1 is LAN - 192.168.0.0/24 and 192.168.21.0/24 I want to use IP + MAC filtering to allow/deny clients acces to net as follows. A FORWARD -i eth1 -o eth0 -s 192.168.0.5 \ -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT First tell me if above rule correct. Second I think I need first a rule to deny all IPs and MACs. Is that correct ? Howto first deny all IPs and MACs ? Thanks in advance Varun