Hi. I thought I should share my experience with the 1.3.10 series. I am setting up a new machine that has 4 built-in ethernet ports. I am particularly interested in the new option "maclist" and how that can effectively manage wlan users. The machine is setup with rh8.0. /etc/shorewall/zones: net Net Internet loc Local Local networks dmz DMZ Demilitarized Zone wlan 802.11 802.11b Wireless LAN Zone /etc/shorewall/interface: net eth0 detect dhcp loc eth1 detect dhcp dmz eth2 detect dhcp wlan eth3 detect dhcp,maclist /etc/shorewall/maclist eth3 00:60:B3:XX:XX:XX #cf fulbond model xi815 - sharp zaurus eth3 00:02:78:YY:YY:YY #pcmcia samsung model swl-2100N eth3 00:02:78:ZZ:ZZ:ZZ #pcmcia samsung model swl-2100N I used the stock three-interfaces example files and added the zones and interfaces and maclist. I am also using nocat''s stuff (www.nocat.net) for the wireless LAN portion. The nocat stuff just works and works well with shorewall. I understand that I could fold the wlan into one of the other zones but it looks like it would be better from a management point of view to follow this (and it does help that my machine has 4 ports which might not be possible for most people). Next thing is to setup a ipsec vpn. Thanks, Tom, for this wonderful management tool. One more thing: I would like to offer a mirror for shorewall in my timezone (GMT+8) - perhaps http://singapore.shorewall.net? What should I do? Regards. Harish Pillay Singapore