[SuSE Linux] IP Firewall continuing
I continue to be baffled. I have the following network:

    eth0 = IP addresses 10.198.1.* (netmask 255.255.255.0)
    modem to be used for dial-out

In my /etc/rc.config, I have the following FW variables set:

    FW_START="yes"
    FW_LOCALNETS="10.198.1.0/24"
    FW_WORLD_DEV="sl0 ppp0"
    FW_INT_DEV="sl0 ppp0"
    FW_LOG_ACCEPT="yes"
    FW_LOG_DENY="yes"
    (all others are null or = "no")

I know, via "sh -x /sbin/init.d/firewall start" that the following ipfwadm commands are being executed when I start the firewall:

    /sbin/ipfwadm -I -f
    /sbin/ipfwadm -I -p deny
    /sbin/ipfwadm -I -a deny -o -P all -S 10.198.1.0/24 -D 10.198.1.0/24 -W sl0
    /sbin/ipfwadm -I -a deny -o -P all -S 10.198.1.0/24 -D 10.198.1.0/24 -W ppp0
    /sbin/ipfwadm -I -p accept
    /sbin/ipfwadm -I -p accept    #(yes, that's repeated)

Yet, when I go to any other device on the network, I'm being denied any outside access. /var/log/messages contains:

    Nov 22 16:30:59 linux-1 kernel: IP fw-fwd deny sl0 UDP 10.198.1.5:137 209.136.241.2:53 L=62 S=0x00 I=35840 F=0x0000 T=127

Here's the output from "/sbin/init.d/masquerade list" which also makes no sense to me. Don't know where the "192.168*" stuff is coming from.

    IP firewall forward rules, default policy: deny
    pkts bytes type  prot opt  tosa tosx ifname ifaddress source          destination ports
       0     0 acc/m all  ---- 0xFF 0x00 ppp0   0.0.0.0   192.168.0.0/16  0.0.0.0/0   n/a
      98  6545 deny  all  ---o 0xFF 0x00 *      0.0.0.0   0.0.0.0/0       0.0.0.0/0   n/a
       0     0 acc/m all  ---- 0xFF 0x00 sl0    0.0.0.0   10.198.1.0/24   0.0.0.0/0   n/a
    IP masquerading entries
    (end of report)

and this does not make sense to me. Any ideas out there in SuSEland?

Thanks.
--
Dennis Lovelady
Simpsonville, SC
mail: dennis@lovelady.com
URL: http://lovelady.piedmont.net
ICQ: 5734860
--
"We must believe in luck. For how else can we explain the success of those we don't like?"
    - Jean Cocteau
-
To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e
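
Added example, not part of the original post: a short Python check that parses the kernel log line quoted above and walks the forward-chain listing from the post in order, to show which listed rule a packet hits first and which later rules can never be reached. It assumes the chain is evaluated first-match in listing order and that the interface named in the log line is compared against the ifname column; the protocol column is ignored because every listed rule says "all", and all function names are this example's own.

```python
import ipaddress
import re

# Forward-chain rows copied from the listing in the post: (type, ifname, source, destination).
# The source printed as "10.198.1.0 /24" is read as 10.198.1.0/24 (assumption).
FORWARD_RULES = [
    ("acc/m", "ppp0", "192.168.0.0/16", "0.0.0.0/0"),
    ("deny",  "*",    "0.0.0.0/0",      "0.0.0.0/0"),
    ("acc/m", "sl0",  "10.198.1.0/24",  "0.0.0.0/0"),
]
# Kernel log line copied from the post.
LOG_LINE = ("Nov 22 16:30:59 linux-1 kernel: IP fw-fwd deny sl0 UDP "
            "10.198.1.5:137 209.136.241.2:53 L=62 S=0x00 I=35840 F=0x0000 T=127")
LOG_RE = re.compile(
    r"IP fw-(?P<chain>\w+) (?P<action>\w+) (?P<ifname>\S+) (?P<proto>\S+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+)")

def parse_log(line):
    """Split an 'IP fw-<chain> <action> ...' log line into named fields."""
    m = LOG_RE.search(line)
    if m is None:
        raise ValueError("not an IP firewall log line")
    return m.groupdict()

def rule_matches(rule, pkt):
    """True if the packet's interface, source and destination fit the rule."""
    _, ifname, source, dest = rule
    return (ifname in ("*", pkt["ifname"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(source)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(dest))

def first_match(rules, pkt):
    """Assumed first-match semantics: the earliest matching rule decides."""
    for index, rule in enumerate(rules):
        if rule_matches(rule, pkt):
            return index, rule
    return None, None

def shadowed(rules):
    """Indexes of rules fully covered by an earlier rule, so never reached."""
    out = []
    for i, (_, ifn, src, dst) in enumerate(rules):
        for _, e_if, e_src, e_dst in rules[:i]:
            if (e_if in ("*", ifn)
                    and ipaddress.ip_network(src).subnet_of(ipaddress.ip_network(e_src))
                    and ipaddress.ip_network(dst).subnet_of(ipaddress.ip_network(e_dst))):
                out.append(i)
                break
    return out
```
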