Hi, I'm running Shorewall 4.6.2.2 on Debian 7.6 (wheezy) with Linux 3.2.60-1+deb7u3, and shorewall iptrace doesn't work - no output appears in the kernel log. It wasn't working back when I was running 4.5.5.3 (the version shipped with wheezy) which is one reason I upgraded. IIRC it did work for a day or two after I last rebooted. The TRACE entry does show up in the raw table. I realise it's probably more of a kernel issue, but I thought I'd ask here first and see if anyone had any suggestions for what I could investigate. It's also coming up to school holidays so I can perform some more in-depth debugging if necessary. http://pastebin.com/Uc4Vc4H6 has shorewall version and ip (addr|route) show per the support guide. The system is the core firewall, it used to run quagga too but I moved that off to another system after upgrading to 4.6.2.2 as I was still having problems even after adding nohostroute in shorewall-providers. Thanks, -- James Andrewartha Network & Projects Engineer Christ Church Grammar School Claremont, Western Australia Ph. (08) 9442 1757 Mob. 0424 160 877 ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk