Hi, I think fw_allow_ping_fw means, that you can ping the firewall. The same I think is only meant for the firewall. I think you have to masq your pings, if you want to ping through your firewall to the internet. MfG. Stefan Walther stefan_walther@gehag-dsk.de dienst.: +4930/89786448 Funk: +49172/3943961 "maillist" <maillist@inv An: <suse-security@suse.com> enit.de> Kopie: Thema: [suse-security] Suse firewall script question 16.07.2001 11:24 Hello I´m trying to set up a linux firewall box with 3 network devices. The first points to the internet gateway, the second to the DMZ(192.168.1.x) and the third to the internal network(192.168.2.x). I´m using Suse 7.0 and have installed the firewall script and squid proxy server. The squid runs fine html,ftp works. In the firewall script I have disabled routing and masquerading. Now I want to ping the internet from my internal network. But no request gets an answer. I have set the following options to yes fw_allow_ping_fw = yes fw_allow_incoming_highports_udp=yes fw_allow_fw_traceroute=yes Referencing to the technical dokumentation these 3 options set to yes allows the icmp ping to pass the firewall. But it didn´t work :-( Has anyone an idea? Thx for any help Regards Björn Berger -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com