On Fri, 4 Mar 2011 10:48:12 +0200 Andrei Popescu <andreimpope...@gmail.com> wrote:
> On Jo, 03 mar 11, 22:08:00, Jason Hsu wrote: > > > > What's going on? How can turning OFF a firewall block Internet > > access? I thought that the purpose of a firewall is to BLOCK > > connections, not MAKE connections. > > Shorewall is not just a firewall (frontend), it can be used to activate > the NAT, via the: > > IP_FORWARDING=On > > option in /etc/shorewall/shorewall.conf. It defaults to 'keep', but it's > very convenient to use if you already use shorewall. IIUC (and I actually use a configuration like this with Shorewall), turning forwarding on just causes Shorewall (or rather, the kernel) to forward packets, without actually modifying them at all. To get NAT modification, you need to write a 'masq' file in Shorewall's config directory. Celejar -- foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110306150154.34364b69.cele...@gmail.com