On Mon, Oct 10, 2005 at 07:30:46PM +0200, Dexter wrote: > Hello, > I've installed Debian Sarge (just basic system packages). I'm trying to > setup Shorewall firewall on it. My problem is, that Masquerade is not > working. That is: > -I can ping from local system to firewall > -I can ping from firewall to Internet > -I can NOT ping from local system to Internet > When I run: > #tcpdump -i eth0 icmp > which will listen for icmp packed on my external interface. And I ping from > local system to internet. > I can see outgoing echo request packages, BUT with source address of local > system. So no reply can come back to me. Now it's clear, that problem is > masquerading. > I've set up also /etc/shorewall/masq: > ---------- > eth0 eth1 > --------- > What did I miss? I have no idea, what is wrong.
Do you have setup th "ip_forward" statement? Try: # sysctl -e net.ipv4.ip_forward=1 -- Marcos S. Trazzini -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]