On Wed, Jan 04, 2006 at 05:59:44PM -0700, Dan Joumaa wrote: > entry->fw_prot = IPPROTO_TCP|IPPROTO_UDP; This may not be your problem, but I think you need two rules to do this the protocol number is a 8 bit number, not a bit field (ie. IPPROTO_TCP is 6 and IPPROTO_UDP is 17, so oring them together doesn't make sense). David.