Hey Martin - Just want to clarify a few things here first. :) martin.p.burns at uk.pwcglobal.com wrote > My cablemodem provider (http://www.blueyonder.co.uk) have sensibly > provided an ethernet connection to the modem box. Nice one. ok, what exactly do you mean by that? Is your setup one where you have a piece of coaxial cable that runs into this 'cable modem' and a cat-5(ethernet) cable runs out the other, and connects into your PC? Or is it a 'all in one' card, where the cable runs right into a card installed in your computer? > > However, they've locked it down to connecting to a single MAC address > (you can provide them with 2 or 3, but it can only use one at a time). This > is OK I'm thinking, I've an old box I can set up as a network proxy/router > with NAT on Linux thanks to http://www.netmax.com/ > > One wee problem though, the modem is set up such that you need to > use WINS to discover the address for the DHCP server in it. Ok, that doesn't sound quite right. :) When the computer you have the 'cable modem' connected to init's its networking shit, it sends out the DHCP request, which the DHCP server run by your ISp should respond to, assigning you an IP address, default gateway, nameservers, etc.. The WINS part of this comes in because your ISP is running Windows NT for their DHCP server, and it wants to get the 'name' of your computer(ususally in the identification tab in network preferences on windows) so it can match it with the IP address the DHCP server is assigning you for its own purposes like dynamic DNS configuration. its well known that WINS shouldn't be deployed in hetrogenous environments and that it opens up a number of security holes, but I digress.. With the history and personal commentary from me out of the way, lets try to find a solution :) I assume you have the Linux box set up for DHCP on its external interface. I'll also assume that we're leaving the firewall off for now(and make sure you're not blocking UDP traffic because thats what DHCP uses).. First off, just try putting your linux box on the network and let it boot up. run the /sbin/ifconfig command to see if the DHCP program got network info assigned to it by the DHCP server. You'll be looking ofr a couple lines like: Link encap:Ethernet HWaddr XX:D0:B7:68:D5:XX inet addr:10.0.10.222 Bcast:10.0.10.255 Mask:255.255.255.0 UP BROADCAST RUNNING MTU:1500 Metric:1 RX packets:4691894 errors:0 dropped:0 overruns:0 frame:0 TX packets:3978573 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 Interrupt:17 Base address:0xe000 If you only see information for the lo interface, the DHCP server didn't assign anything to you.. lets find out why. As root(i'm assuming the netmax firewall is based on redhat linux because I heard that somewhere, i might be wrong) run the command: /etc/rc.d/init.d/network restart - this will ask your DHCP client to make another request to the server. Run the /sbin/ifconfig command again, and if nothing shows up, cut and paste any relavant info from your /var/log/messages file to me. If it doesn't work, and they are using an NT based DHCP server like I thought, we're going to have to get WINS going on your linux box. We'll do this with Samba. If the firewall doesn't have samba installed already, go get it from samba.org, install it, and configure it(email me if you need help with any of that). You'll not be caring so much about the SMB part of samba as the NMB part of it, which handles the Netbios stuff, and indirectly WINS. Once we get all that set up(its a bit, but lets not mind the details ATM), we'll start the NBD stuff and restart the network services on your linux box and it should be able to communicate without a hitch to the NT DHCP server. You'll then be able to plug in your other windows and mac machines and have them use the linux box as a router/firewall/proxy device, and everyones happy. Just to interject some more opinion here, this is a great example of MS trying to expunge non windows OS's from the network, and further their monopoly. Its also precisly the reason that no one really uses NT for DHCP services. At any rate, thats the way we'll have to go here martin, feel free to drop me a line if you have probs :) .djc.