Hi, I have been using shorewall in our environment for 2 years now. We have been using version 1.4 I now have a lot of changes and the time to sort out our firewall properly so I have been looking at version 2.4 I see there are a lot of new features which is always a good thing. The feature I am most interested in is multiple nets. I have a couple of questions that I couldnt really find answers for in your FAQ or in previous questions (aka: mail archives) Here is a description of our network. We have a fixed line (128k) link to our ISP. We have an ADSL connection which we want the firewall to manage. We have 4 separate subnets connected to 4 individual interfaces in our firewall They are: DMZ, Developers, Production and LAN In our current configuration, we have all our internet based traffic routed through the 128K fixed line. Now we want to add the ADSL line to this as it is a lot faster and a lot cheaper than the fixed line. We would like the following services routed through ADSL: web port 80 via squid Outgoing email (smtp port 25) We have other critical services which we will keep going through the fixed line as the reliability is higher with our fixed line. My problem comes in with the outgoing mail on port 25. The ISP that supplies our ADSL traffic has an SMTP Smart-host which we would like to use however they only accept connections from hosts that have an IP address from their DHCP assigned range. Our mail server resides in our DMZ and has a valid address so that we can accept incoming email. How do I route SMTP traffic through the ADSL line and have the address translated to the IP address of the ADSL interface? Currently we are using PPPOE over the LAN interface for the ADSL connection. This brings up an interface called dsl0. We are considering using the ADSL device in bridge mode and connecting it to a dedicated interface to prevent our users accessing the internet directly with their own ADSL account information. Any information you can supply would be greatly appreciated. Kind Regards Gary van Blerk ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl