Is there an error in this output from MonMotha's script? What's that bit about "Refusing SSR Packets via SysCtl"? Here's the output.
***************** Loading iptables firewall: Checking configuration...passed Performing TCP_ALLOW and UDP_ALLOW alias preprocessing...done Checking IP Forwarding...enabled. Checking IP SynCookies...disabled. Checking Route Verification...activated:eth0 activated:eth1 Refusing SSR Packets via SysCtl...activated:eth0 activated:eth1 Flush: INPUT OUTPUT1 FORWARD PREROUTING1 OUTPUT2 POSTROUTING PREROUTING2 OUTPUT3 Creating chains: INETIN INETOUT DMZIN DMZOUT TCPACCEPT UDPACCEPT LDROP LREJECT TREJECT LTREJECT Default Policies: INPUT:DROP OUTPUT:ACCEPT FORWARD:DROP Setting up drop chains chains: LDROP LREJECT TREJECT LTREJECT Setting up per-proto ACCEPT: TCPACCEPT UDPACCEPT TREJECTing invalid packets...done Setting up INET chains: INETIN INETOUT Local Traffic Rules: 192.168.0.0/24:ACCEPT 192.168.1.0/24:ACCEPT loopback:ACCEPT Setting up masquerading: 192.168.0.0/24:MASQUERADE 192.168.1.0/24:MASQUERADE TREJECTing ICMP messages specified in BAD_ICMP...5 9 10 15 16 17 18 Flood limiting: ICMP-PING Allowing the rest of the ICMP messages in...done Hostwise TCP Allows: 0/0>22 Hostwise UDP Allows: 0/0>68 0/0>6112 0/0>6119 0/0>4000 Allowing established outbound connections back in...done Allowing related inbound connections...done Setting up INET policies: INETIN:TREJECT INETOUT:ACCEPT Done loading the firewall! ********************** Looks okay to me. If there are no errors, what else could prevent the firewall from working, given that I've tested the cables and cards to my satisfaction? Desperate Dave
