> -----Original Message----- > From: centos-bounces at centos.org > [mailto:centos-bounces at centos.org] On Behalf Of Timothy Murphy > Sent: Monday, July 05, 2010 10:11 PM > To: centos at centos.org > Subject: Re: [CentOS] DNS or firewall problem > > Thomas Dukes wrote: > > >> Do u have ipv4 forwarding on in your /etc/syscttl > > > > Uhhh, in /etc/sysctl.conf, > > > > net.ipv4.conf.ip_forward = 0 ?? > > > > change to = 1 ?? > > I have more or less the same setup as you, and I have > net.ipv4.conf.ip_forward = 0 > in /etc/sysctl like you, > but I have no problem accessing my server from my laptop. > > I am running shorewall, > and it would be easy to set this up > to have the effect you describe. > > I have the line > loc $FW ACCEPT > in /etc/shorewall/policy . > The default is > loc $FW REJECT info > which would have the effect you describe. > > Nb I don't really understand iptables, > but I find shorewall does most of the thinking for me. I use the iptables firewall rules in the linux ip masquerade howto. Been using it for years without a hitch. http://www.tldp.org/HOWTO/html_single/IP-Masquerade-HOWTO/#RC.FIREWALL-IPTAB LES-STRONGER I looked at shorewall some time ago but like you, I was confused with iptables.