* John;
Okay, thanks John. I'd just thought that if I stealthed that port, that my ISP might drop my connection more often since they wouldn't be able to 'ident' me (but I guess this is where my running GAIM during the time I'm on the 'net will allow me to stay up). What do you mean by "instant rejection"? Remember, I'm network stupid (much worse than 'ignorant', because I just can't seem to understand this stuff no matter *how* much I read or ask), and me trying to 'make some rules', would be like dropping me into the head supervisor's seat at NASA during a shuttle launch...things would instantaneously start to 'go wrong'.
--reject-with tcp-reset have a look at http://sourceforge.net/rojects/susefaq for the SuSEfirewall2 documentation. The Ident is explained in addition to other finer controls to the SuSEfirewall2 -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx