Please, help me: firewall should be set as follows: 1. via the eth0 is available from the Internet DHCP network service specified and also can check the availability of the Internet to your virtual machine via ping. No other communications initiated from the Internet (via eth0) is not permitted. From the outside (ie the Internet) enable only check availability virtual machine via ping; iptables –F iptables -A OUTPUT -p udp --dport 68 -j ACCEPT iptables -P OUTPUT DROP iptables -A INPUT -p udp --dport 67 -j ACCEPT iptables -P INPUT DROP 2. through eth1 and loopback is possible to access all ports via any protocol; iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i eth1 -j ACCEPT iptables -P INPUT ACCEPT 3. Server is capable of communication on the Internet without constraints, that is with any remote network service; iptables -P FOWARD ACCEPT iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT I tis ok? Where is problem?