I just fixed some bug with ip_forwarding not being enabled. What does "cat /proc/sys/net/ipv4/ip_forward" give you?
Maybe thats the problem... it should be 1. If it isn't, set it to 1 like this: echo "1" > /proc/sys/net/ipv4/ip_forward If the logviewer doesn't work, you can just look at /var/log/vuurmuur/traffic.log Regards, Victor alexperl wrote: > >> accept service dns from world.inet to firewall >> accept service dns from firewall to local.lan >> accept service dns from local.lan to world.inet >> accept service dns from world.inet to local.lan >> snat service any from local.lan to world.inet > >> Okay, that should make it work... does it? > > Not. But I can see in connection window (float exception acquire when > connections are many and maybe must be scrollbar or something) exist > connection > dns - local -> firewall > dns - firewall -> world > But ping www.yahoo.com > show unknow host (I try it in linux box and windows boxes) > >> accept service any from local.lan to world.inet >> Is *ping* service in *any* service or in this category are some other >> services? >> "Any" basically means that iptables doesn't look at the protocol, ports, >> etc, just at the ipaddresses. So "any" includes ping, http, everything... > > But why when I checkout ping service rules ping from local net don't see > external hosts? maybe this is the same problem with dns? ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Vuurmuur-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vuurmuur-users
