Hi Everyone. Since opening up the http port with Yast2 under SuSE 8.0 (to be able to serve web pages via apache) /var/log/firewall has grown to enormous proportions with stuff like this: Sep 27 22:11:37 altea kernel: SuSE-FW-DROP-ICMP-CRIT IN=eth0 OUT= MAC=00:50:bf:d6:1d:56:00:60:68:81:10:c7:08:00 SRC=194.179.92.1 DST=192.168.1.2 LEN=56 TOS=0x00 PREC=0x00 TTL=252 ID=5318 PROTO=ICMP TYPE=4 CODE=0 [SRC=192.168.1.2 DST=134.76.11.100 LEN=52 TOS=0x00 PREC=0x00 TTL=60 ID=17091 DF PROTO=TCP INCOMPLETE [8 bytes] ] Sep 27 22:17:18 altea kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT= MAC=00:50:bf:d6:1d:56:00:60:68:81:10:c7:08:00 SRC=80.34.65.60 DST=192.168.1.2 LEN=51 TOS=0x00 PREC=0x00 TTL=116 ID=12846 PROTO=UDP SPT=2933 DPT=4668 LEN=31 I close port 80 and all is back calm again. Any security gurus able to give any advice here? Thanks, Steve.