Dear list members, I'm really frustated about not being able to get a Debiand Wheezy machine routing packets from the internal network to the external interface. The machine has two nics eth0 (internal) and eth1 (external), the latte pointing to a dsl-router. The internal net is 192.168.0.0/24 the external, consisting only oft the external nic and the dsl-router is 192.168.120.0/24 I have swichted on IP-forwarding in /etc/sysctrl.conf and in shorewall.conf. My configuration files are: <interfaces> ext eth1 detect int eth0 detect </interfaces> <zones> firew firewall ext ipv4 int ipv4 </zones> <masq> eth0 eth1 eth1 eth0 </masq> Since having tried almost everything I only have a policy file which (for the moment) leaves everything open. <policy> all all ACCEPT info </policy> I cannot ping the external interface from an internal client. Another strange thing is that I even don't get any entrys in my syslog for the ICMP packets in this case. Contacting the internal interface from the client within my LAN I get syslog messages. Neither the shorewall documentation nor any other research in the web could help me out of my trouble. Have I forgotten anything? I dont' know. Any hints are welcome. Greetings and thanks in advance. Harry ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems