Just use smoothwall. It works. It's Free. It's GPL. It's in Debian. ;-) Package: shorewall Priority: optional Section: net Installed-Size: 376 Maintainer: Lorenzo Martignoni <lorenzo.martignoni at milug.org> Architecture: all Version: 1.4.7b1-1 Depends: iptables (>= 1.2.7a), iproute, debconf Suggests: shorewall-doc, kernel-image-2.4 Conflicts: ipmasq, knetfilter, firewall-easy Filename: pool/main/s/shorewall/shorewall_1.4.7b1-1_all.deb Size: 82996 MD5sum: 66c1f6eb3a4a250b16f7ec7d26f4c4a8 Description: Shoreline Firewall (Shorewall) Shorewall is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system. . Shorewall supports these features: * Customizable using configuration files. * Supports status monitoring with an audible alarm when an "interesting" packet is detected. * Include a fallback script that backs out the installation of the most recent version of Shoreline Firewall and an uninstall script for completely uninstalling the firewall. * Static NAT is supported. * Proxy ARP is supported. * Provides DMZ functionality. * Support for IPSEC, GRE and IPIP Tunnels. * Support for Traffic Control/Shaping -- Chad Walstrom <chewie at wookimus.net> http://www.wookimus.net/ assert(expired(knowledge)); /* core dump */ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20031019/971b06b7/attachment.pgp