Allmost your solutions require second server or some hardware, why do you use shorewall ? Its a iptables rule generator with a friendly config files. Mine was up and running in 30 min or reading some docs. And you can trace all traffic live.<br>
Good day.<br>