Hello, I use iptables 1.2.7a on RH 9.0 when i enable iptables -t nat --policy PREROUTING DROP it stops my connecting to the services offerd @ the natted dmz. Also nmap shows the ports opened when i do a "connect" scan. I have no user defined chanins. Any idea? Thanks and regards __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools