I have stared at this for HOURS now. I can log into my firewall with ssh. Repeatedly. I can even then scp a file over. But if I try to log into the server again after the scp, I can't. All of a sudden, the SuSEfirewall2 setup starts blocking SSH packets! WTF!? How can the firewall allow, allow, allow connections, then STOP allowing them? What in the bloody blue blazes is that SuSEfirewall2 script doing in the bowels of my system to suddenly start blocking SSH packets? As a bonus, if I wait, like, 5 minutes, it suddenly STARTS WORKING AGAIN! Here's one of the blocked packets: May 11 16:45:57 reliant kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=00:10:b5:0d:c3:0c:00:02:b3:03:68:05:08:00 SRC=192.168.4.200 DST=192.168.1.254 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36723 DF PROTO=TCP SPT=34137 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A01390E8F0000000001030300) "ILLEGAL-TARGET"!? It was legal two seconds ago. I've tried turning on and off various options in /etc/sysconfig/SuSEfirewall2 rerunning `SuSEfirewall2', but nothing I do anymore fixes this. Not "protecting" my firewall from internal, or not NOT protecting it. Not the advanced "kernel" features. Nothing. I even tried downgrading my ssh to the version that came on the CD's (since it was just upgraded last night), but that didn't fix it either. It's like I'm running afoul of some rate-limiter, but I'll be dipped if I can find it in the setup script. I don't even see it in the debug output. PLEASE SOMEBODY HELP ME! I reran my old tried-and-true hand-written firewall script, and everything works just fine. I am just going out of my mind with this. I even wrote the guy who wrote the firewall script. I hardly EVER bother the source like that, but I am just stuck. As a recent convert, I want to use the "SuSE way," but to do that, apparently some kind SuSE expert is going to have to take pity on me. Regards, dk