Hello,

I have set up a dialup router/mail server for private use (SuSE 6.4). To make it more secure I use SuSEfirewall. There is webmin running on the machine (I am aware of the security risks this may pose!!). First I had it running on port 10000, but then I set it up to use SSL and changed it to a different port (above 1024).

I set FW_PROTECT_FROM_INTERNAL="yes" and allowed access to webmin in the line FW_SERVICES_INTERNAL_TCP="ssh squid squid-alt pop3 smtp webmin". There are corresponding entries in /etc/services. FW_ALLOW_INCOMING_HIGHPORTS_TCP="no" is set also. From the outside nothing of this is visible (checked with nmap).

When changing the webmin port I did not change the corresponding entry in /etc/services. As far as I understand the comments in firewall.rc.config, this should not allow access to webmin anymore, because the only high TCP ports accessible are 10000 (old entry in /etc/services for webmin), squid and squid-alt. Webmin is running on a different port. This port has no entry in /etc/services. But webmin is still accessible. Shouldn't this be prevented by setting FW_ALLOW_INCOMING_HIGHPORTS_TCP="no"? Even more, when I delete webmin in FW_SERVICES_INTERNAL_TCP and run SuSEfirewall again, it is still accessible. Does this mean FW_ALLOW_INCOMING_HIGHPORTS_TCP="no" only protects to the outside?

Thanks for any advice.

Ralf Corterier
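A small audit script, added here as an example and not part of the original post or of SuSEfirewall itself, that makes the mismatch the post describes visible: it resolves the names in FW_SERVICES_INTERNAL_TCP through /etc/services (the assumption, taken from the poster's reading of firewall.rc.config, is that the firewall maps names to ports this way) and compares the result with the ports that actually listen. The /etc/services text and the listening-socket snapshot are constructed samples; the webmin port 10443 and process names are made up.

```python
# Constructed sample of /etc/services, including the stale webmin entry
# left behind after the real port was changed.
SERVICES_TEXT = """\
# service-name  port/protocol  [aliases]   # comment
ssh             22/tcp
smtp            25/tcp          mail
pop3            110/tcp         pop-3
squid           3128/tcp        # proxy
squid-alt       8080/tcp        http-alt
webmin          10000/tcp       # old entry, port was changed later
"""

# Constructed snapshot of listening TCP sockets, as a netstat/ss listing
# would show them (port -> process). 10443 is an assumed new webmin port.
LISTENING = {22: "sshd", 25: "sendmail", 110: "popper", 3128: "squid", 10443: "miniserv.pl"}

FW_SERVICES_INTERNAL_TCP = "ssh squid squid-alt pop3 smtp webmin"


def resolve_services(services_text, names, proto="tcp"):
    """Map each service name to its port from /etc/services-style text (None if absent)."""
    table = {}
    for line in services_text.splitlines():
        line = line.split("#", 1)[0].strip()        # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        port, p = fields[1].split("/")
        if p == proto:
            for alias in [fields[0]] + fields[2:]:  # names and aliases both resolve
                table.setdefault(alias, int(port))
    return {name: table.get(name) for name in names}


def audit(fw_services, services_text, listening):
    """Compare the name-based allow-list with what actually listens.

    Returns (allowed_ports, stale, unmatched): the ports the allow-list resolves
    to, allowed names whose resolved port nothing listens on, and listening
    ports the list does not cover at all.
    """
    resolved = resolve_services(services_text, fw_services.split())
    allowed = {p for p in resolved.values() if p is not None}
    stale = sorted(n for n, p in resolved.items() if p is None or p not in listening)
    unmatched = sorted(p for p in listening if p not in allowed)
    return allowed, stale, unmatched
```

When the real webmin port shows up under unmatched while the service is still reachable, the allow-list is not what lets the traffic through, which is exactly the question the post raises.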