>Along those lines, in my playing with ipchains, I can't ping my >firewall from the internet when I have rules in place, even with an >allow ICMP line in the input rules. Odd. I can ping my box fine from the Internet. >Do I need an "allow ICMP" line in the output-to-the-isp rules? Definately. ICMP is a two-way handshake. --David .----------------------------------------------------------------------------. | David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] | !---- ----! `----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----' _______________________________________________ Masq maillist - [EMAIL PROTECTED] http://tiffany.indyramp.com/mailman/listinfo/masq Admin requests can be handled by web (above) or [EMAIL PROTECTED]
