Richard Atcheson
2002-Jun-12 19:53 UTC
[Shorewall-users] Can ping but cant browse from subnet
I have SuSE 8 and have been trying to Masquerade my subnet 192.168.0.n. I have cable modem and have followed Shorewall docs for two interfaces and am stumped.

My Masq Server Shorewall start message is:

Processing /etc/shorewall/shorewall.conf ...
Processing /etc/shorewall/params ...
Starting Shorewall...
Loading Modules...
Initializing...
Determining Zones...
Zones: net loc
Validating interfaces file...
Validating hosts file...
Determining Hosts in Zones...
Net Zone: eth0:0.0.0.0/0
Local Zone: eth1:0.0.0.0/0
Deleting user chains...
Creating input Chains...
Configuring Proxy ARP
Setting up NAT...
Host 192.168.0.0 NAT 24.206.86.96 on eth1
Adding Common Rules
Enabling RFC1918 Filtering
Setting up Kernel Route Filtering...
IP Forwarding Enabled
Processing /etc/shorewall/tunnels...
Processing /etc/shorewall/rules...
Rule "ACCEPT fw net udp 53" added.
Rule "ACCEPT fw net tcp 53" added.
Adding rules for DHCP
Setting up ICMP Echo handling...
Processing /etc/shorewall/policy...
Policy ACCEPT for fw to net using chain fw2net
Policy ACCEPT for loc to net using chain loc2net
Masqueraded Subnets and Hosts:
To 24.206.86.96 from eth1 through eth0
Processing /etc/shorewall/tos...
Rule "all all tcp - ssh 16" added.
Rule "all all tcp ssh - 16" added.
Rule "all all tcp - ftp 16" added.
Rule "all all tcp ftp - 16" added.
Rule "all all tcp ftp-data - 8" added.
Rule "all all tcp - ftp-data 8" added.
Activating Rules...
Shorewall Started

The Masq server (192.168.0.1) will ping and browse anything I want.
My laptop 192.168.0.2 can ping net no problem.
My windows 192.168.0.3 can ping net, too.

Neither will get anything through a browser. Trying either url or name gets dialog "Could not locate remote server."

I have read and reread the documentation so much I am now thoroughly confused. I have started from scratch several times and followed the troubleshooting guide with no luck at all.

What am I doing wrong??
On Wed, 12 Jun 2002, Richard Atcheson wrote:

> I have SuSE 8 and have been trying to Masquerade my subnet 192.168.0.n
> I have cable modem and have followed Shorewall docs for two interfaces and am
> Stumped.
>
> My Masq Server Shorewall start message is:
>
> Processing /etc/shorewall/shorewall.conf ...
> Processing /etc/shorewall/params ...
> Starting Shorewall...
> Loading Modules...
> Initializing...
> Determining Zones...
> Zones: net loc
> Validating interfaces file...
> Validating hosts file...
> Determining Hosts in Zones...
> Net Zone: eth0:0.0.0.0/0
> Local Zone: eth1:0.0.0.0/0
> Deleting user chains...
> Creating input Chains...
> Configuring Proxy ARP
> Setting up NAT...
> Host 192.168.0.0 NAT 24.206.86.96 on eth1
> Adding Common Rules
> Enabling RFC1918 Filtering
> Setting up Kernel Route Filtering...
> IP Forwarding Enabled
> Processing /etc/shorewall/tunnels...
> Processing /etc/shorewall/rules...
> Rule "ACCEPT fw net udp 53" added.
> Rule "ACCEPT fw net tcp 53" added.
> Adding rules for DHCP
> Setting up ICMP Echo handling...
> Processing /etc/shorewall/policy...
> Policy ACCEPT for fw to net using chain fw2net
> Policy ACCEPT for loc to net using chain loc2net
> Masqueraded Subnets and Hosts:
> To 24.206.86.96 from eth1 through eth0

You are using both masquerading and static NAT -- get rid of the static nat entry!!!

Also be sure that your local systems are configured with their default gateway set to the IP address of eth1 and that their DNS server settings are correct.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
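
The condition named in the reply above (static NAT and masquerading both set up) can be spotted mechanically in the startup output. The following shell function is an added example, not part of the original thread or of Shorewall; the function name shorewall_nat_modes and the variable SAMPLE_LOG are hypothetical, and the line formats it matches are the ones shown in the log quoted in the post.

```shell
#!/bin/sh
# Added example (not from the thread): scan "shorewall start" output for
# static NAT and masquerade entries and report when both are present.

# Reads startup output on stdin, plain or ">"-quoted as in a mail reply.
# Prints every static NAT and masquerade entry found, then a verdict line.
# Exit status: 1 when both kinds of entry are present, 0 otherwise.
shorewall_nat_modes() {
    sed 's/^[> ]*//' | awk '
        # Static NAT entry: "Host <addr> NAT <addr> on <iface>"
        $1 == "Host" && $3 == "NAT" && $5 == "on" {
            print "static-nat: " $0; nat++; next
        }
        # Masquerade entries are listed under this header line.
        /^Masqueraded Subnets and Hosts:/ { in_masq = 1; next }
        # Masquerade entry: "To <addr> from <source> through <iface>"
        in_masq && $1 == "To" && $3 == "from" && $5 == "through" {
            print "masq: " $0; masq++; next
        }
        # Any other line ends the masquerade list.
        { in_masq = 0 }
        END {
            if (nat && masq) {
                print "verdict: both static NAT and masquerading are set up"
                exit 1
            }
            print "verdict: ok"
        }
    '
}

# Sample input: lines copied from the startup log quoted in the reply.
SAMPLE_LOG='> Setting up NAT...
> Host 192.168.0.0 NAT 24.206.86.96 on eth1
> Adding Common Rules
> Masqueraded Subnets and Hosts:
> To 24.206.86.96 from eth1 through eth0'

# Demonstration run; "|| true" keeps the non-zero verdict from aborting a caller.
printf '%s\n' "$SAMPLE_LOG" | shorewall_nat_modes || true
```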