Hi, I''ve upgraded my kernel to 2.6.29.1 because of problems with conntrack table of my old kernel. Now I have a new problem which is really interesting. It might be something not related to Shorewall, but I need your help to identify the problem because it gets fixed after Shorewall is restarted. Brief explanation of the problem: br0 is my LAN interface and I have ppp0 , ppp1 interfaces configured as 2 providers (WAN). Behind br0 , there are eth2 and ath0 interfaces bridged. All clients accessing internet are NATted to ppp0 or ppp1 interface when reaching internet. When the Shorewall is just started there is no problem; every client can reach the internet and also the Shorewall box can reach internet. But after some time all clients can not reach internet. When I look with tcpdump I see that the LAN client''s request is well NATted and the packet is sent from WAN interface. Also, the reply from internet host is received. But it is not sent back to the LAN client: # tcpdump -i any "host 193.243.202.97" tcpdump: WARNING: Promiscuous mode not supported on the "any" device tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes 19:54:19.737715 IP 192.168.254.1 > 193.243.202.97: ICMP echo request, id 256, seq 10240, length 40 19:54:19.737715 IP 192.168.254.1 > 193.243.202.97: ICMP echo request, id 256, seq 10240, length 40 19:54:19.737941 IP 95.65.145.197 > 193.243.202.97: ICMP echo request, id 256, seq 10240, length 40 19:54:19.744362 IP 193.243.202.97 > 95.65.145.197: ICMP echo reply, id 256, seq 10240, length 40 Then, if I restart Shorewall with "shorewall restart" , everything is fine again: # tcpdump -i any "host 193.243.202.97" tcpdump: WARNING: Promiscuous mode not supported on the "any" device tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes 19:58:13.020710 IP 192.168.254.1 > 193.243.202.97: ICMP echo request, id 256, seq 37632, length 40 19:58:13.020710 IP 192.168.254.1 > 193.243.202.97: ICMP echo request, id 256, seq 37632, length 40 19:58:13.020962 IP 95.65.145.197 > 193.243.202.97: ICMP echo request, id 256, seq 37632, length 40 19:58:13.027301 IP 193.243.202.97 > 95.65.145.197: ICMP echo reply, id 256, seq 37632, length 40 19:58:13.027452 IP 193.243.202.97 > 192.168.254.1: ICMP echo reply, id 256, seq 37632, length 40 19:58:13.027484 IP 193.243.202.97 > 192.168.254.1: ICMP echo reply, id 256, seq 37632, length 40 I am attaching the "shorewall dump" outputs of both working (fresh) and not working status, to this email. Could you please check what''s going wrong after some time, which blocks my internet access ? It may be a problem with the kernel but I couldn''t figure out myself. Thanks. ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p