But this isn't what exactly I was waiting for ... okay after my usual tradition of custom compiling tarball kernels I have ended with a 2.6.20 SuSE 10.1 pretty running okay and optimized for the CPU model the box uses, so voila a fast and stable system. Now assigning the NIC to the external zone (it is, there's no NAT behind that box) and activating firewall all open ports from outside to inside they do work! All ports from inside to outside are kept blocked, so DNS fails for example, until someone tells me what file to edit manually and add the required from inside ports to be opened as well. The following is an lsmod list, hoping something isn't missing. When I activate firewall additional modules do load, but this won't solve the problem. Module Size Used by edd 19016 0 ipv6 315264 22 button 17504 0 battery 19464 0 ac 14408 0 loop 26448 0 xt_conntrack 11648 0 x_tables 29384 1 xt_conntrack nf_conntrack_ftp 19232 0 nf_conntrack 70940 2 xt_conntrack,nf_conntrack_ftp nfnetlink 16136 1 nf_conntrack dm_mod 69456 0 ehci_hcd 40652 0 uhci_hcd 33440 0 shpchp 42780 0 i2c_viapro 18392 0 i2c_core 32640 1 i2c_viapro usbcore 147504 3 ehci_hcd,uhci_hcd pci_hotplug 41796 1 shpchp r8169 40904 0 reiserfs 237952 1 ext3 145168 0 jbd 81528 1 ext3 sg 45224 0 pata_via 21700 0 capability 14408 0 commoncap 16640 1 capability amd74xx 23920 0 [permanent] sata_via 20292 2 libata 120032 2 pata_via,sata_via fan 14024 0 thermal 24208 0 processor 45224 1 thermal via82cxxx 17988 0 [permanent] sd_mod 30464 3 scsi_mod 164856 3 sg,libata,sd_mod ide_disk 25024 0 ide_core 152832 3 amd74xx,via82cxxx,ide_disk Kind Regards Nick. --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org