What you want to do at this point is either
modify the firewall ruleset text file to specify
loggin the traffic so you can see what is happening,
or you can insert the rules to do so into the
ruleset that's running.
You would want to add the -l switch to the default
rules for input and output. That's the rule that
the traffic is matching, based on the byte counts
in the ipchains -L -n you posted.
Once you've added the -l switch and reloaded,
make the traffic and look at your syslog. You
should see quite a bit of the exact answer as
to what is going on.
When sitting at the LEAF and pinging an internal
LAN computer, outgoing ping is ICMP type 8. The
response are input on eth1 as ICMP type 0.
Those are allowed according to your rules.
If you have trouble making the correct rule
modifications, post, and we'll give you the
exact syntax.
Regards,
Matthew
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
