enough! i agree, tail between my legs, that, in fact, "protect client protocols of IP" is certainly most reasonably read as protecting ports (which, in general, i still believe to be at least worrisome and, possibly, a mistake)!