Hi all, I currently have a cable modem with an old 486 running masq and a strong ipchains ruleset for my 192.168.0.0/24 network. I currently run web and ftp via portforwarding, and it works fine. The firewall IP is 192.168.0.1/24 I'm now trashing my Win2K Server box (used only for web and ftp - was bogging it down completely) and setting it up with Apache, Postfix, Imp, Cyrus, MySQL, FTP, and BIND. This box has two nics in it, one to the Internal network (192.168.0.10), the other to the internet. It will be a Samba domain controller for the internal network, as well as an internal dns server. It will be an authoritive dns server on the external side for a couple of domains as well. I've followed the Secure BIND template located at http://www.cymru.com/~robt (adapted for linux), and I have a few questions. First, since I'm running split named processes (one for internal, and one for external) and the internal one uses the external address as a forwarder, I'm guessing that I will have to turn on masquerading and ip forwarding for that to happen without traffic leaving my cable modem via the firewall at 192.168.0.1 - correct? If not, please advise - I'd rather not turn on IP Forwarding at all. Also, I've got my firewall setup running Psionic Logcheck, and I'm happy with it, but I'm also aware of some other log parser with email notification packages out there - but I haven't tried any of the others. What's everyone's opinions on them? (no Holy Wars please) Thanks in advance, Justin _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list