Connection opening problem (prev: FTP/auth problems (slooow links))


 



Hello,

The root of my problem was this:

 > [0:0] -A SYNFLOOD -m limit --limit 1/s --limit-burst 4 -j RETURN
 > [0:0] -A SYNFLOOD -j DROP
 > [0:0] -A CHECK -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j SYNFLOOD

When the HTTP/FTP-clients etc. spawned several connections (in this case >4) to download files, the router blocked them.

I guess that it adds protection to keep the SYNFLOOD check there. What 
are sensible values to use on -m limit, making it work for flooding, yet 
not stopping normal clients?

Thanks guys,
Svein
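
Added example, not part of the original message: a small token-bucket model of the `-m limit` match in the SYNFLOOD chain quoted above, showing which SYNs of a client opening several connections at once reach `-j DROP`. The arrival times and the 25/s, burst 50 comparison values are constructed for illustration and are not recommended settings; the model assumes the bucket starts full.

```python
# Token-bucket model of an iptables "-m limit" match (added illustration).
# Time is in integer milliseconds and credit in 1/1000 of a packet,
# so the arithmetic is exact.

def simulate_limit(syn_ms, rate_per_s, burst):
    """Return 'RETURN' or 'DROP' for each SYN arrival time in syn_ms."""
    cap = burst * 1000          # full bucket: `burst` packets of credit
    credit = cap                # assumption: bucket starts full
    last = None
    verdicts = []
    for t in syn_ms:
        if last is not None:
            # rate_per_s packets/s == rate_per_s milli-packets per ms
            credit = min(cap, credit + (t - last) * rate_per_s)
        last = t
        if credit >= 1000:
            credit -= 1000
            verdicts.append("RETURN")   # limit matched -> -j RETURN
        else:
            verdicts.append("DROP")     # fell through to -j DROP
    return verdicts

def accepted(syn_ms, rate_per_s, burst):
    """Number of SYNs that pass the limit match."""
    return simulate_limit(syn_ms, rate_per_s, burst).count("RETURN")

# Constructed input: one client opening 6 connections 50 ms apart.
CLIENT_BURST = [0, 50, 100, 150, 200, 250]
# Constructed input: 1000 SYNs in one second (one per millisecond).
FLOOD = list(range(1000))

if __name__ == "__main__":
    print("1/s burst 4, client:", simulate_limit(CLIENT_BURST, 1, 4))
    for rate, burst in [(1, 4), (25, 50)]:   # 25/50 is an arbitrary comparison
        print(f"{rate}/s burst {burst}: "
              f"client {accepted(CLIENT_BURST, rate, burst)}/6, "
              f"flood {accepted(FLOOD, rate, burst)}/1000")
```

The rule keeps a single bucket for all sources, so during a flood legitimate SYNs compete with the flood traffic for the same credit.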



