This is a standard RedHat / CentOS firewall configuration, where I told it, through the standard RH setup GUI, that I want ssh and snmp allowed through. Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT ipv6-crypt-- anywhere anywhere ACCEPT ipv6-auth-- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353 ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:snmp ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited The way I read this, though, the first rule in the RH-Firewall-1-INPUT chain applies to all packets coming in, which it accepts. That's all protocols from "anywhere" going to "anywhere". So shouldn't the packet no longer be evaluated past that rule? I know that when I have this enabled, it's stopping packets. So I'm reading this wrong. What am I getting wrong? === Al