Hi, in one network, I am running shorewall as default gateway and set up a static route on this machine, which "routes" clients asking for a certain net to a different router. This works fine, because I have the policy LAN -> WAN ACCEPT. Now in a second installation, I have the same, excpet that LAN->WAN is on REJECT and only ports permitted by rules are allowed. In this scenario, the route forwarding does not work and I dont know, which rules will enable this. tia ndee