Hello Harold ! Generally, don't use Kernel 2.4.x for firewalling in the next few months. The new possibilities are exciting, but lots of bugs have to be caught, before people can start using it in a secure way. Stay with 2.2.x kernels and learn ipchains. Learning Iptables (from 2.4.x) afterwards will be easier then. I also recommend the patch from www.openwall.com/linux, which adds (limited) support for non-executable-stack (against buffer overflows) and other goodies (proc filesystem restriction, which makes users unable to see the processes of other users). hth Markus -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.dhs.org X Against HTML Mail / \