[Shorewall-users] masq - pings and connections get dropped after
pstephenson at ntlworld.com
Mon Sep 27 14:41:47 PDT 2004
On Mon, Sep 27, 2004 at 02:29:00PM -0700, Tom Eastep wrote:
> Tom Eastep wrote:
> | Paul Stephenson wrote:
> | | Hello,
> | |
> | | I have a pretty standard two-interface setup with masquerading, so the
> | local
> | | network can connect through the firewall to the Internet.
> | |
> | | Now, commands like 'ping 126.96.36.199' (that's google.com) from brian
> | have
> | | 100% packet loss. Connections using a web browser (for example) also
> | time
> | | out.
> | |
> | After a "shorewall clear", can brian and trevor communicate ok?
> I notice that you have IP_FORWARDING=Keep in your shorewall.conf file so
> unless something external to Shorewall is turning it on, then you have
> forwarding disabled on your firewall. If 'cat
> /proc/sys/net/ipv4/ip_forward' returns '0' then set IP_FORWARDING=On and
> restart Shorewall.
ip_forward seems to be on already:
trevor:/# cat /proc/sys/net/ipv4/ip_forward
I'll maybe try fiddling with some of these settings tomorrow to see if I can
make more sense of what's going on.
Thanks for all your help,
More information about the Shorewall-users