I tend to not use Linux for dual-homed hosts, but this should be very doable.
Have you enabled logging to see what rules are matching first? It seems strange that you want to block internal access to tcp/80, but if this is true, you can configure the web server to bind to only the external interface/IP so there is nothing to filter out on the internal interface. -Vince _______________________________________________ [email protected] mailing list http://lists.hosef.org/cgi-bin/mailman/listinfo/luau
