[CentOS] iptables starts blocking outbound http traffic

Wed Nov 12 17:44:16 UTC 2008
Neil Aggarwal <neil at JAMMConsulting.com>

Filipe:

One of my servers stopped responding again.
This time, it was one of those which was not using
ESTABLISHED.

I am now convinced the problem is not in the firewall.
It must be somewhere in Apache, Tomcat, or my
application code (most likely).  I think I
was seeing the firewall logs after I restarted
Apache since the responses were rejected since they
no longer were attached to an established connection.

Sorry for the red herring.

	Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.  

> I am seeing logs like this in the syslog:
> 
> OUTPUT IN= OUT=eth0 SRC=[myIP] DST=[otherIP] LEN=52 TOS=0x00 PREC=0x00
> TTL=64 ID=35076 DF PROTO=TCP SPT=80 DPT=36953 WINDOW=54 
> RES=0x00 ACK PSH FIN
> URGP=0
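
One way to tell the two cases apart in log lines of the format quoted above, as an added example that is not part of the original message: a TCP line with SPT=80 and no SYN flag is the local web server sending on an existing client connection, while a new outbound HTTP request has DPT=80 and a bare SYN. The sample lines, their addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the iptables LOG format quoted above
# (documentation-range addresses; each entry joined onto one line).
SAMPLE_LOG = """\
OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=35076 DF PROTO=TCP SPT=80 DPT=36953 WINDOW=54 RES=0x00 ACK PSH FIN URGP=0
OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4411 DF PROTO=TCP SPT=45122 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.9 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=51514 WINDOW=0 RES=0x00 RST URGP=0
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")               # KEY=value pairs (value may be empty, e.g. IN=)
FLAG_SPAN = re.compile(r"RES=\S+\s+(.*?)\s*URGP=")    # bare flag words sit between RES= and URGP=
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "ECE", "CWR"}


def parse(line):
    """Return (fields dict, set of TCP flags) for one LOG line."""
    fields = dict(FIELD.findall(line))
    m = FLAG_SPAN.search(line)
    flags = set(m.group(1).split()) & TCP_FLAGS if m else set()
    return fields, flags


def classify(line, service_port=80):
    """Label a logged OUTPUT packet by direction of the HTTP conversation."""
    fields, flags = parse(line)
    if fields.get("PROTO") != "TCP" or "SPT" not in fields or "DPT" not in fields:
        return "other"
    spt, dpt = int(fields["SPT"]), int(fields["DPT"])
    if dpt == service_port and "SYN" in flags and "ACK" not in flags:
        return "new-outbound-request"      # this host opening a connection to a remote web server
    if spt == service_port and "SYN" not in flags:
        return "reply-on-old-connection"   # local web server sending data/FIN/RST to a client
    return "other"


def summarize(log_text, service_port=80):
    """Count classifications over a block of log text."""
    return Counter(classify(l, service_port) for l in log_text.splitlines() if l.strip())


if __name__ == "__main__":
    for label, count in summarize(SAMPLE_LOG).items():
        print(f"{count:3d}  {label}")
```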