Hello, For advanced TC, only tcrules can be different regarding IPv4/IPv6 because tcrules can contain IP addresses. So far, what I observed is that an IPv6 rule must be processed by shorewall6. Which would make sense. What I'm not sure about though, is that the 'IPv6 Support' says that when using TC with both, that one side must be disabled by having TC_ENABLED=No and TC_CLEAR=No in that side. So if there are both IPv4 and IPv6 tcrules used, does this mean that, for instance the IPv6 side is disabled and then shorewall AND shorewall6 ae run and the IPv6 tcrules will be processed even though it is marked disabled in shorewall6.conf ? As you see, I'm not sure how it goes. Any help much appreciated. Thanks. ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk