From 6b74ac6c2da687bedf74d2365d51bf2a5fd1299c Mon Sep 17 00:00:00 2001 From: teastep Date: Fri, 9 Dec 2005 23:00:21 +0000 Subject: [PATCH] Tweak FAQ 15 git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3140 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-docs2/FAQ.xml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/Shorewall-docs2/FAQ.xml b/Shorewall-docs2/FAQ.xml index 219246648..c1d6e292b 100644 --- a/Shorewall-docs2/FAQ.xml +++ b/Shorewall-docs2/FAQ.xml @@ -17,7 +17,7 @@ - 2005-11-18 + 2005-12-09 2001-2005 @@ -691,6 +691,17 @@ ACCEPT net $FW <protocol> <port number> running a DNS server on the firewall and hasn't enabled UDP and TCP port 53 from the firewall to the internet. + + + Forwarding is not enabled. Enter this command: + + cat /proc/sys/net/ipv4/ip_forward + + The the value displayed is 0 (zero) then set IP_FORWARDING=On in + /etc/shorewall/shorewall.conf and restart + Shorewall. + @@ -1082,7 +1093,7 @@ LOGBURST="" if accepted, the packet would be sent on eth1. If you see OUT= with no interface name, the packet would be - processed by the firewall itself. + processed by the firewall itself. When a DNAT rule is logged, there will never be an OUT=