Hi There, As suggested, I change the IP for eth1, but unfortunately, still same result, but I hope to get a light this time On Policy, I simply put "ALL ALL ACCEPT" just for a starter, to get this shorewall working is my priority Why i am not simply put net.ipv4.ip_forward=1, I want to get this shorewall up and running.....
I am using eth0 and connect from other host (e.g. 10.1.1.5, winXp) and set the gateway and DNS as 10.1.1.4 No connection, only able to ping 10.1.1.4 .... I am still in a BIG question, what I did wrong I also simply copying the "three-interfaces" example also trying "two-interfaces", still no luck Can anyone guide me? Shorewall version 4.0.14 Debian Etch Webmin Version 1.441 eth0 -> 10.1.1.4 connected to a router, act as gateway for other hosts eth1 -> 10.1.2.1 connected to wireless router, not connected at the moment, just trying to get wired connection working eth2 -> connected to adsl bridged modem, working OK using RP-PPPoE, outputing ppp0 with correct ip from TPG Shorewall configuration Interfaces #ZONE INTERFACE BROADCAST OPTIONS net ppp0 - loc eth0 10.255.255.255 loc eth1 10.255.255.255 Masq #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK ppp0 eth1 ppp0 eth0 Policy all all ACCEPT Zones fw firewall net ipv4 loc ipv4 ~# shorewall status Shorewall-4.0.14 Status at debian - Tue Nov 25 20:23:36 EST 2008 Shorewall is running State:Started (Tue Nov 25 20:23:32 EST 2008) ~# ifconfig eth0 Link encap:Ethernet HWaddr 00:E0:4C:50:18:FD inet addr:10.1.1.4 Bcast:10.255.255.255 Mask:255.0.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:232 errors:0 dropped:0 overruns:0 frame:0 TX packets:321 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:38692 (37.7 KiB) TX bytes:218234 (213.1 KiB) Interrupt:201 Base address:0xa000 eth1 Link encap:Ethernet HWaddr 00:E0:4C:50:16:70 inet addr:10.1.2.1 Bcast:10.255.255.255 Mask:255.0.0.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:17 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3287 (3.2 KiB) TX bytes:0 (0.0 b) Interrupt:209 Base address:0x8000 eth2 Link encap:Ethernet HWaddr 00:15:58:1D:4B:4F inet6 addr: fe80::215:58ff:fe1d:4b4f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:425 errors:0 dropped:0 overruns:0 frame:0 TX packets:423 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:59062 (57.6 KiB) TX bytes:67383 (65.8 KiB) Interrupt:193 Base address:0xa800 ppp0 Link encap:Point-to-Point Protocol inet addr:xxx.xxx.xxx.xxx P-t-P:10.20.20.106 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:379 errors:0 dropped:0 overruns:0 frame:0 TX packets:375 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:47826 (46.7 KiB) TX bytes:56054 (54.7 KiB) Start your day with Yahoo!7 and win a Sony Bravia TV. Enter now http://au.docs.yahoo.com/homepageset/?p1=other&p2=au&p3=tagline -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]