Hi, I have a machine A and B. I want to use IPTALBES to allow all communication b/t the two; what option can I use? thanks in advance.

Allowing something like that generally requires that both machines have static IPs (ie: the IP won't change). If that's the case, run these commands on each machine (replacing other.ip.addr.ess with a real value, obviously): iptables -I INPUT -s other.ip.addr.ess -j ACCEPT iptables -I OUTPUT -d other.ip.addr.ess -j ACCEPT (The -I makes sure this is the first rule checked; if you just append (-A), make sure you put it before any rules that drop/reject packets.) WARNING: Those rules, if applied on each machine, will leave communications between the two IPs wide open. Beware, though; it's possible to spoof packets (pretending you're another machine), which leaves you wide open to anyone else who knows to pretend to be the machine B if they want to talk to machine A. If the two boxes aren't on the same local network, you may want to reconsider implementing those rules -- they kinda defeat the purpose of a firewall.