hmm maybe its better to tell us what iptables -t nat -L says if you use masquerading
rb Dexter wrote: >#cat /proc/sys/net/ipv4/ip_forward >1 > >I'm not seting remote access to firewall, so I can't past output of >iptables -nL command. Do you know, what should I look for? > >Dexter > > > >>-----Original Message----- >>From: Dexter [mailto:[EMAIL PROTECTED] >>Sent: Monday, October 10, 2005 7:31 PM >>To: 'debian-firewall@lists.debian.org' >>Subject: Masquerade doesn't work >> >>Hello, >>I've installed Debian Sarge (just basic system packages). I'm >>trying to setup Shorewall firewall on it. My problem is, that >>Masquerade is not working. That is: >>-I can ping from local system to firewall -I can ping from >>firewall to Internet -I can NOT ping from local system to >>Internet When I run: >>#tcpdump -i eth0 icmp >>which will listen for icmp packed on my external interface. >>And I ping from local system to internet. >>I can see outgoing echo request packages, BUT with source >>address of local system. So no reply can come back to me. Now >>it's clear, that problem is masquerading. >>I've set up also /etc/shorewall/masq: >>---------- >>eth0 eth1 >>--------- >>What did I miss? I have no idea, what is wrong. >>Thanks for reply. >> Dexter >> >> > > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]