On Wednesday 16 April 2008 12:25:35 am Timothy Murphy wrote: > On Tuesday 15 April 2008 11:48:00 pm Filipe Brandenburger wrote: > > > Unfortunately, I have not been able to set it up > > > to allow local machines to access the internet. > > > > Did you enable routing? The output of "cat > > /proc/sys/net/ipv4/ip_forward" must be 1, otherwise the server won't > > route packets between networks. In some cases (depending on your > > Internet modem/router) it's possible that you'll need to configure the > > server to do NAT as well. I found in the end this wasn't the issue; shorewall sets /proc/sys/net/ipv4/ip_forward to 1 by default; I only read it as 0 because I had stopped shorewall. My error was that I had not added my LAN to /etc/shorewall/masq . Just a silly oversight.