Hi all, I'm new to this list so "hi! and thanks for any support you can give me :)". I'm experiencing a problem with packet mangling ( I think ), in my configuration there are 2 providers, balanced in this way prov1 1 1 - eth0 x.x.x.x track,balance - prov2 2 2 - eth2 y.y.y.y track,balance - all is working, the packets are put out of the interfaces in a round robin like method. but now, my customer wants that an ftp service behind firewall is exposed only trought prov1, so I decided to act in this way: rules file: DNAT net loc:x.x.x.211 tcp 20 - ip_pub_on_provider_1 DNAT net loc:x.x.211 tcp 21 - ip_pub_on_provider_1 mangle file: MARK(1):P x.x.x.211/32 0.0.0.0/0 all But, the connections are not allways going out with eth0, sometimes going out with eth2. Can you help me with this problem ? I suppose is a mangle problem. Regards, roby ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk