[Shorewall-users] ping & shorewall restart
Sat, 13 Apr 2002 13:38:24 -0700 (Pacific Daylight Time)
On Sat, 13 Apr 2002, Jacques Nilo wrote:

> There is something I do not understand:
> I use shorewall 1.2.10 + the two-interfaces sample
> with that setup I cannot ping the internet from the firewall.

Hmm - I left out the proper rule.

> So I put
> ACCEPT fw net icmp 8
> in rules
> and shorewall restart
> Then I can ping OK from fw to net

Yes -- that is as it should be.

> Now I comment out this again in rules
> I shorewall restart
> I can still ping the net from fw?
> Why?

Probably because you are pinging the same IP address and the connection
tracking entry from the last time you pinged is still there.

Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ email@example.com
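
To check the explanation in the reply above, this added example (not part of the original message or of Shorewall) lists the ICMP echo entries for one destination from a connection tracking table dump, with the seconds left on each. It assumes the `/proc/net/ip_conntrack` line layout; `icmp_entries_for`, `sample_table` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: find ICMP echo entries for one destination in a conntrack
# table dump and show how many seconds remain before each entry expires.
# Assumed line layout (Linux /proc/net/ip_conntrack style):
#   icmp 1 <timeout> src=.. dst=.. type=8 code=0 id=.. [UNREPLIED] src=.. dst=.. ...

# icmp_entries_for DEST  (hypothetical helper; reads the table on stdin)
# Prints "<seconds_left> <src> <dst> id=<id> <state>" for each matching entry.
icmp_entries_for() {
    awk -v want="$1" '
        $1 == "icmp" {
            src = ""; dst = ""; id = ""; typ = ""; state = "REPLIED"
            for (i = 4; i <= NF; i++) {
                if ($i == "[UNREPLIED]") { state = "UNREPLIED"; continue }
                split($i, kv, "=")
                # The first src/dst/type/id describe the original direction;
                # the second set describes the expected reply and is ignored.
                if (kv[1] == "src"  && src == "") src = kv[2]
                if (kv[1] == "dst"  && dst == "") dst = kv[2]
                if (kv[1] == "type" && typ == "") typ = kv[2]
                if (kv[1] == "id"   && id  == "") id  = kv[2]
            }
            # type 8 is echo request, the same type as in "ACCEPT fw net icmp 8".
            if (typ == "8" && dst == want)
                printf "%s %s %s id=%s %s\n", $3, src, dst, id, state
        }'
}

# Constructed sample table (documentation addresses, not real hosts).
sample_table() {
    cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.0.2.10 dst=198.51.100.7 sport=1025 dport=22 src=198.51.100.7 dst=192.0.2.10 sport=22 dport=1025 [ASSURED] use=1
icmp     1 27 src=192.0.2.10 dst=198.51.100.7 type=8 code=0 id=4660 src=198.51.100.7 dst=192.0.2.10 type=0 code=0 id=4660 use=1
icmp     1 12 src=192.0.2.10 dst=203.0.113.5 type=8 code=0 id=4661 [UNREPLIED] src=203.0.113.5 dst=192.0.2.10 type=0 code=0 id=4661 use=1
EOF
}

# Run against the sample; on the firewall, feed the real table on stdin instead.
sample_table | icmp_entries_for 198.51.100.7
```

A line printed for the pinged address right after `shorewall restart` means an entry from the earlier ping is still in the table; when nothing is printed, no such entry exists.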