On 07.04.2008 23:00, Roberto C. Sánchez wrote: > On Mon, Apr 07, 2008 at 12:36:51PM +0200, Darshaka Pathirana wrote: >> JFTR: I've sent you the logs I have directly to you... >> > I have spoken with Tom Eastep about it and forwarded the logs to him as > well. His assessment was that something is causing ip forwarding to be > turned off (or at least keeping it from being turned on). > > In the Debian package, IP_FORWARD defaults to "Keep", instead of "On". > This is so that values set manually or via /etc/sysctl.conf are not > disrupted by Shorewall. In your case, you would want Shorewall to > enable it unconditionally since you are not enabling it elsewhere. > > Please confirm if this works for you so that this bug report can be > closed.
Yes. IP_FORWARD=On works perfectly for me on Debian/Etch. BUT: I just found an old Debian/Sarge machine... And there IP_FORWARD is set to "Keep" AND /etc/sysctl.conf is empty (so there is no "/proc/sys/net/ipv4/ip_forward = 1"). Just being curious as we are talking about an old shorewall version (2.2.3-2). Why does that work? Greetings, - Darsha -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
