Dear List members: This one has me scratching my head... FC6, ISPConfig 2.2.9, then just upgraded to 2.2.18. Pre-production box. Usually I turn off the firewall rules in ISPConfig and just run rules in IPtables, I can get a bit more technical this way, and I have this running on 4 other boxes this way. One of which is FC6 as well. Unfortunately, this new box, installed FC6, configured firewall, then installed ISPconfig, changed ISPconfig firewall service to off. Problem is, I should be blocking access to certain ports (like 81) from all IP addresses but 2. And my testing shows that this is not happening. I have also tested by blocking access to port 80, completely in IPtables, and this is not working as I can still get to my development websites. iptables -L returns: Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT esp -- anywhere anywhere ACCEPT ah -- anywhere anywhere ACCEPT udp -- anywhere 18.104.22.168 udp dpt:mdns ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- 22.214.171.124 anywhere tcp multiport dports ndmp,ssh,mysql state NEW ACCEPT tcp -- xtreme-157-7.static.aci.on.ca anywhere tcp multiport dports ndmp,ssh,hosts2-ns,mysql state NEW REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Any help would be appreciated because this has got me stumped!!! Thank you in advance!