> Maybe, I am not understanding you, but if you just want port 80 to be > available on each of those machines, all you needs is to have this in your > iptables: > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j > ACCEPT > > :-) I want to drop *anything* other than to port 80. mark