I'm running three dual-homed RedHat 7.0 boxes on separate DSL or cable, each doing IP Masquerading to private networks. I'm attempting to do some more serious firewalling, and am trying to debug problems in a rc.firewall script generated from Bob Ziegler's site.

I've noticed that when I swap between Bob's 600+ line script and Rusty's Three-Line Guide to Masquerading (IPCHAINS How-To), each modified to start with "ipchains -F" which should flush all existing rules, that the flush isn't happening. I'm switching by doing "sh <scriptname>" after having made both scripts executable.

If I reboot Linux after changing which script is referenced in /etc/rc.d/rc.local, then everything is clean.

Any ideas?

Dick

--
-------------------------------------------------
Richard Goodman
dick@goodman1.net ---> Home: (508) 753-DICK
trader@goodman1.net ---> Work: (508) 757-3452 voice/fax
> Rusty's Three-Line Guide to Masquerading (IPCHAINS How-To), each modified to start with "ipchains -F" which should flush all existing rules, that the flush isn't happening.
You need to flush each chain separately. So..

    ipchains -F input
    ipchains -F output
    ipchains -F forward

will do what you want.

/jeff
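An added example, not part of either message: a reset function for switching between rule scripts. It flushes the built-in chains one at a time as in the reply, and goes a step further by also removing user-defined chains and resetting chain policies, which a flush leaves in place. The function name, the IPCHAINS override and the chain names passed in are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the thread). Override IPCHAINS to preview the
# commands without touching the running firewall, e.g.
#   IPCHAINS="echo ipchains"
IPCHAINS=${IPCHAINS:-ipchains}

# reset_ipchains POLICY [USER_CHAIN...]
#   POLICY      final policy for input and output: ACCEPT, DENY or REJECT
#   USER_CHAIN  user-defined chains the previous script created; the caller
#               is assumed to know them, they are not discovered here
reset_ipchains() {
    policy=${1:-}
    case $policy in
        ACCEPT|DENY|REJECT) shift ;;
        *) echo "reset_ipchains: policy must be ACCEPT, DENY or REJECT" >&2
           return 2 ;;
    esac

    # Fail closed first: -F removes rules but leaves each chain's policy as
    # the previous script set it.
    for chain in input output forward; do
        $IPCHAINS -P "$chain" DENY || return 1
    done

    # Flush the built-in chains one by one, as in the reply above.
    for chain in input output forward; do
        $IPCHAINS -F "$chain" || return 1
    done

    # Empty every user-defined chain before deleting any of them, so no
    # chain is still referenced by a rule when -X runs.
    for chain in "$@"; do
        $IPCHAINS -F "$chain" || return 1
    done
    for chain in "$@"; do
        $IPCHAINS -X "$chain" || return 1
    done

    # forward stays DENY: nothing is routed or masqueraded until the next
    # script adds its own forward rules.
    $IPCHAINS -P input "$policy" || return 1
    $IPCHAINS -P output "$policy" || return 1
}

# Usage (chain name is a placeholder):
#   reset_ipchains ACCEPT my-chain && sh ./rc.firewall
```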
participants (2)
- Jeff Wiedemeier
- Richard Goodman