On Thu, 2003-12-11 at 23:11, Ian Hunter wrote: > > Dec 11 22:58:52 lucy kernel: Fwd DMZ->Internet DROP: IN=eth1 OUT=ppp0 > SRC=192.168.254.242 DST=204.157.6.223 LEN=60 TOS=0x00 PREC=0x00 TTL=63 > ID=56169 DF PROTO=TCP SPT=80 DPT=56319 WINDOW=32476 RES=0x00 ACK SYN URGP=0 My "guess" is, you are receiving a SYN packet from 204.157.6.223. This creates a state table entry with with a 60 second timer. Your system is taking longer than 60 seconds to respond, so iptables is removing the state table entry. Your system then responds causing the log entry shown above. HTH, C
