hi all,

further investigation reveals that Red Hat changed its script to start and stop iptables: in 1.2.6a, no modules are removed as part of "stop", but in 1.2.8, modules are removed on a stop.

will leaving the modules in memory have an impact when new rules are introduced (hence the firewall restarts)?

i wonder what the motivation for removing the modules is/was other than conserving resources ...

thanks for any thoughts

cheers
charles