Something that confuses me about FC4 firewall. Rule number 1 is an accept all rule!
Why is it there. Since this rule should yield a match for every incoming packet, won't this mean the firewall is off?

Here is what my iptables looks like:

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
DROP all -- 58.0.0.0/7 0.0.0.0/0
DROP all -- 210.0.0.0/7 0.0.0.0/0
DROP all -- 125.0.0.0/8 0.0.0.0/0
DROP all -- 222.0.0.0/8 0.0.0.0/0
DROP all -- 219.0.0.0/8 0.0.0.0/0
DROP all -- 220.0.0.0/7 0.0.0.0/0
DROP all -- 60.0.0.0/7 0.0.0.0/0
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT 47 -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1723

Your listing is incomplete, making it out of context. No interfaces are listed. Makes it impossible to see what's going on.

Could well be that first ACCEPT rule is for your LAN side interface (if it's a dual homed firewall/router box) and by design. It could be for your local loopback interface - lo.

Try this:
# iptables -L INPUT -nv

That'll show you your INPUT table rules, without resolving the addresses (faster), and the interface each rule applies to. Makes it *much* easier to understand what's really going on.

You were right, it was for the LO interface.
Thank you!