hello, i have:

eth0 with 192.168.1.0 subnet
and
eth0:0 with 192.168.30.0 subnet

From eth0 i can only permit samba connections to eth0:0
From eth0:0 i can only permit http connections to eth0

Should i create another zone?
help on this pls



Also, second question.
I have always worked with ethernet cards, but now i want to expand and i usually hear about pppX devices...
can someone explain me about them? so can i connect a xDSL cable to them and directly work without the isp router??

For your first question, you need to set appropriate rules where bot source and destination zone are the same. It is impossible to tell where you are stuck without you posting shorewall config files (and iptable-save would be nice).

I use webmin and it's integrated shorewall config page, but I found out that for setting up virtual interfaces you need to edit config file directly, via "Edit file manually" button.

As for pppX intefaces, yes, you can setup PPPoE or PPPoA connection, avoiding ISP's router, but I would recomend against it. That router is permanent firewall against intrusions into your home/office network, weather you mess with firewall on your PC.

Also, with separate router you can connect several PC's without the need that your PC is ON and properly set-up. Router also always remembers your PPPoE username and password so you can not loose or forget it when you reinstall your PC.