diff --git a/docs/FAQ.xml b/docs/FAQ.xml index 5aa0792f7..83475f6c2 100644 --- a/docs/FAQ.xml +++ b/docs/FAQ.xml @@ -1108,7 +1108,25 @@ DNAT loc dmz:192.168.2.4 tcp 80 - The default gateway on each local system isn't set to the IP - address of the local firewall interface. + address of the local firewall interface. You can test this + by: + + + + At a root shell prompt, type 'shorewall clear'. + + + + From a local system, attempt to ping the IP address of the + Shorewall system's internet (external) interface. If that + doesn't work, then the default gateway on the system from which + you pinged is not set correctly. + + + + Be sure to 'shorewall start' after the test. + + @@ -1121,7 +1139,7 @@ DNAT loc dmz:192.168.2.4 tcp 80 - The DNS settings on the local systems are wrong or the user is running a DNS server on the firewall and hasn't enabled UDP and TCP port 53 from the local net to the firewall or from the firewall to - the Internet. + the Internet. @@ -2417,8 +2435,8 @@ etc... Answer: Shorewall Lite is a companion product to Shorewall and is designed to allow you to maintain all Shorewall configuration information on a single system within your - network. See the Compiled - Firewall script documentation for details. + network. See the Compiled Firewall + script documentation for details.