Hello, I currently establish a firewall, i.e. a packet filter with ipchains, under Suse Linux 7.0. After building a new kernel with firewall enabled, I changed the configuration file as seen below. As a boot error message, I receive (after "starting the firewall") about 20 lines with "ipchains: protocol not available". In the Runlevel-2-Konfiguarationfile (rc2.d), I don't see ipchains, which is in fact installed. Can anybody help me ??? Kind regards, Jürgen /etc/rc.config IP_DYNIP=no IP_TCP_SYNCOOKIES=yes IP_FORWARD=yes and /etc/rc.config.d/firewall.rc.config FW_DEV_WORLD="eth1" FW_DEV_WORLD_eth1="192.168.0.2 255.255.255.0" FW_DEV_INT="eth0" FW_DEV_INT_eth0="129.168.0.2 255.255.255.0" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="no" FW_MASQ_NETS="" FW_MASQ_DEV="$FW_DEV_WORLD" # e.g. "ippp0" or "$FW_DEV_WORLD" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_GLOBAL_SERVICES="yes" # "yes" is a good choice FW_SERVICES_EXTERNAL_TCP="80" # Common: smtp domain FW_SERVICES_EXTERNAL_UDP="25" # Common: domain FW_SERVICES_DMZ_TCP="" # Common: smtp domain FW_SERVICES_DMZ_UDP="" # Common: domain syslog FW_SERVICES_INTERNAL_TCP="80" # Common: ssh smtp domain FW_SERVICES_INTERNAL_UDP="25" # Common: domain FW_TRUSTED_NETS="" FW_SERVICES_TRUSTED_TCP="" # Common: ssh FW_SERVICES_TRUSTED_UDP="" # Common: syslog time ntp FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" # Common: "ftp-data" (sadly!) FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" # Common: "dns" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" # set to "yes" if this server is a DHCP server FW_SERVICE_SAMBA="no" # set to "yes" if this server uses samba as client FW_FORWARD_TCP="" # Beware to use this! FW_FORWARD_UDP="" # Beware to use this! FW_FORWARD_MASQ_TCP="" # Beware to use this! FW_FORWARD_MASQ_UDP="" # Beware to use this! FW_REDIRECT_TCP="" FW_REDIRECT_UDP="" FW_LOG_DENY_CRIT="yes" FW_LOG_DENY_ALL="yes" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_KERNEL_SECURITY="no" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_FW_TRACEROUTE="no" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_MASQ_MODULES="autofw cuseeme ftp irc mfw portfw quake raudio user vdolive" -- _____________________________________________________________________ Telefon: +49 (0) 89 / 289 - 25290 Fax: +49 (0) 89 / 289 - 28323 Technische Universität München - Lehrstuhl f. Integrierte Schaltungen Arcisstrasse 21 - 80290 München - Deutschland / Germany E-Mail: Juergen.Foag@ei.tum.de Homepage: http://www.lis.e-technik.tu-muenchen.de/people/jf.html _____________________________________________________________________ If everything you try works, you are not trying hard enough ! (Gordon Moore) _____________________________________________________________________