Hello Simon, I believe, I have found the rule: > I'm assuming you have a fw -> net (or default) policy that's blocking > all outbound traffic from the firewall. > > You need to allow connections from your firewall machine to the > relevant Debian sources. This may be HTTP or FTP (most likely HTTP) > depending on the sources defined in /etc/apt/sources.list.
In my rules I add HTTP(ACCEPT) $FW net And that was it. So I can also use aptitude at the firewall without stopping shorewall. Thanks for your support. Andreas ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
