Hi there...

I'm running a firewall-router machine on a Red Hat Linux 9 box. I have uploaded Red Hat's latest kernel, 2.4.20-28 I guess. My problem is this...

This box has been working perfectly for the last 6 months and it even had a 6-month uptime with no reboots. Suddenly, the box quit working and I started getting this message when I log the packets...

-----
IN=eth0 OUT=eth0 SRC=192.168.0.14 DST=200.44.32.13 LEN=62 TOS=0x00 PREC=0x00 TTL=127 ID=49243 PROTO=UDP SPT=1090 DPT=53 LEN=42
-----

which means that somehow Linux confuses the input interface and the output interface as the same: "IN=eth0 OUT=eth0".

This is my rc.firewall script:

-----
[alucard@servidor alucard]$ more /etc/rc.d/rc.firewall
#!/bin/sh
FWVER=0.74
IPTABLES=/sbin/iptables
DEPMOD=/sbin/depmod
MODPROBE=/sbin/modprobe
EXTIF="eth1"
INTIF="eth0"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"
echo -en " loading modules: "
$DEPMOD -a
echo -en "ip_tables, "
$MODPROBE ip_tables
echo -en "ip_conntrack, "
$MODPROBE ip_conntrack
echo -en "ip_conntrack_ftp, "
$MODPROBE ip_conntrack_ftp
echo -en "ip_conntrack_irc, "
$MODPROBE ip_conntrack_irc
echo -en "iptable_nat, "
$MODPROBE iptable_nat
echo -en "ip_nat_ftp, "
$MODPROBE ip_nat_ftp
echo " Habilitando Mascaras IP.."
echo "1" > /proc/sys/net/ipv4/ip_forward
echo " Habilitando DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT
$IPTABLES -A INPUT -i $EXTIF -p tcp --dport 22 -j ACCEPT
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
$IPTABLES -A FORWARD -j LOG
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
-----

What's odd here is that if I reboot the computer, I'd still get the same log message, but if I do this:

ifconfig eth0 down
ifconfig eth1 down
ifconfig eth0 192.168.0.1 #router's address
ifconfig eth1 up #DHCP internet access

it will work -but not always, sometimes both interfaces do not ping anybody- but it will quit working after an hour or so, not allowing any other services -like internal ftp or mail fetching- and I'll start having those logs again...

I have checked all the box for any security issues and I haven't found any -I have the latest packages due to a Red Hat Network subscription-. What's weird is that it worked flawlessly for 6 months...

Thanks a lot for your time...

Juan
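
An added example, not part of the original post: a shell helper that reads netfilter LOG lines and classifies each by its IN=/OUT= pair, using the interface roles from the posted rc.firewall. In a FORWARD-chain log line, OUT= is the interface the kernel's routing decision selected, and in the posted rule set a packet with IN=eth0 OUT=eth0 matches neither FORWARD ACCEPT rule, so it reaches the LOG rule and then the DROP policy. The function names, class labels and the second sample line are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): classify netfilter LOG lines
# by their IN=/OUT= interface pair.
INTIF="eth0"   # internal interface, as set in the posted rc.firewall
EXTIF="eth1"   # external interface, as set in the posted rc.firewall

# Reads log lines on stdin; prints: <class> <in> <out> <src> <dst> <proto> <dpt>
classify_forward_logs() {
    awk -v intif="$INTIF" -v extif="$EXTIF" '
    {
        split("", f)                      # portable way to clear the array
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")
            if (eq > 1) {
                k = substr($i, 1, eq - 1)
                # LEN= appears twice (IP, then UDP); keep the first value
                if (!(k in f)) f[k] = substr($i, eq + 1)
            }
        }
        if (!("IN" in f) || !("OUT" in f)) next   # not a LOG-target line
        if (f["OUT"] == "")                v = "local-input"
        else if (f["IN"] == "")            v = "local-output"
        else if (f["IN"] == f["OUT"])      v = "same-interface"
        else if (f["IN"] == intif && f["OUT"] == extif) v = "int-to-ext"
        else if (f["IN"] == extif && f["OUT"] == intif) v = "ext-to-int"
        else                               v = "other"
        print v, f["IN"], f["OUT"], f["SRC"], f["DST"], f["PROTO"], f["DPT"]
    }'
}

# Counts packets that were routed back out of the interface they arrived on.
count_same_interface() {
    classify_forward_logs | awk '$1 == "same-interface" { n++ } END { print n + 0 }'
}

# Sample input: line 1 is the log line from the post, line 2 is constructed.
sample_log() {
    cat <<'EOF'
IN=eth0 OUT=eth0 SRC=192.168.0.14 DST=200.44.32.13 LEN=62 TOS=0x00 PREC=0x00 TTL=127 ID=49243 PROTO=UDP SPT=1090 DPT=53 LEN=42
IN=eth0 OUT=eth1 SRC=192.168.0.20 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1201 PROTO=TCP SPT=40112 DPT=80
EOF
}

sample_log | classify_forward_logs
```

On a live system the same function can be fed the kernel log instead of the sample; the syslog prefix in front of IN= is ignored because only KEY=VALUE tokens are read.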