Shorewall Geek wrote: > Phillipus Gunawan wrote: > >> using cable connected only on eth0 (loc 10.1.1.4 to switch) and eth2 (net, >> ppp0) >> nothing change, at my winXp 10.1.1.5, putting gateway/DNS as 10.1.1.4, cant >> ping www.yahoo.com >> winXp can ping 192.168.1.1 >> winXp can ping ppp0 ip address > > If you have set the DNS server address to 10.1.1.4, then: > > a) You need to be running a DNS server on the firewall; and > b) You need to allow DNS from loc->fw; and > c) You need to allow DNS from fw->net > > The dump isn't capable of telling us whether you are doing a) but it is > definitely telling us that you are NOT doing either b) or c).
Note that the simplest way to run a DNS server on your firewall is to install dnsmasq. See http://www.shorewall.net/SplitDNS.html ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
