Hello, i'm using suse 7.3 as a router for a privat network. Filtering and masquerading is done by firewall2. Connection to the internet is done by rp-pppoe. After booting, everything works out fine, but when i get a new IP (/usr/sbin/adsl-stop /usr/sbin/adsl-start), the Firewall2 seems to block the whole linux-mashine (not even ping to an IP). The Firewall-log shows (for example): Mar 18 10:20:57 linux kernel: SuSE-FW-UNALLOWED-TARGETIN=ppp0 OUT= MAC= SRC=193.189.244.205 DST=213.20.25.63 LEN=76 TOS=0x00 PREC=0x 00 TTL=247 ID=50701 PROTO=UDP SPT=53 DPT=1031 LEN=56 The router-funktion works out fine though. All Clients in my private Network can reach the Internet as usual. When i restart the Firewall, all problems are gone. This looks to me like a Firewall-configuration-problem. Any ideas what to do?? Should i ad any CUSTOMRULES? Thanks for reading so far! pierre Here is my firewall2.rc.config: FW_DEV_EXT="ppp0" FW_DEV_INT="eth1" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="192.168.1.0/24" FW_PROTECT_FROM_INTERNAL="no" FW_AUTOPROTECT_SERVICES="no" FW_SERVICES_EXT_TCP="www ftp ssh 3756" FW_SERVICES_EXT_UDP="domain" FW_SERVICES_EXT_IP="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_INT_TCP="www ftp domain ssh 139" FW_SERVICES_INT_UDP="domain" FW_SERVICES_INT_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="yes" FW_FORWARD="" FW_FORWARD_MASQ="" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="--log-level warning --log-tcp-options --log-ip-option --log-prefix SuSE-FW" FW_KERNEL_SECURITY="no" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="yes" FW_ALLOW_ FW_TRACEROUTE="yes" FW_ALLOW_ FW_SOURCEQUENCH="yes" FW_ALLOW_ FW_BROADCAST="no" FW_IGNORE_ FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="no"