I'm in the process of replacing a crappy old 3Com router. I did a test run last night with the new Linux router last night, but there is one issue that I can't quite get my head around. On the old 3Com, a user inside the internal NATed network, when he accesses a forwarded port, can contact the internal device in question. For instance, I have a web server on the internal network with port 80 forwarded to it. With the 3Com router, I can, from another internal computer, access that server via the external interface (ie, by going http://publicaddress). When I throw in my Linux router, it does not do that, and user's have to use the internal IP or host name to access the device. Now, if need be, I'll just toss in Bind 9 views, so that internal users get fed the internal IP, but is there a way to do this under iptables (I'm assuming there is, as I'm fairly certain the old 3Com router is running a version of iptables)? -- Aaron Clausen mightymartianca@xxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html