In this chapter we'll build on the material from the previous chapters while trying to meet the real-life challenges of larger networks or even smaller ones with relatively demanding applications or users. The sample configurations in this chapter are all based on the assumption that your packet-filtering setups will need to accommodate services you run on your local network. We will mainly be looking at this from a Unix perspective, focusing on SSH, email, and Web services, with some pointers on how to take care of others.