shorewall-users January 2012 archive

[Shorewall-users] can't ping to a different zone

From: N dhert <ndhert2_at_nospam>
Date: Thu Jan 19 2012 - 15:47:24 GMT
To: Shorewall Users <>

I have a firewall with shorewall-4-4.17 on Ubuntu 11.04

A system behind that firewall worked well (gets its DHCP params from a DHCP
server in the same FW zone of the system just mentioned, the system always
gets the same IP, based on its MAC address, it's configured that way)

Now I changed the DHCP config so the system gets a different IP (still an
IP in the same subnet and also in the same
firewall zone as before). Rebooted, OK the system got that new IP.

But I can't ping anymore to IP addresses which are not in the same zone as
my system.
ping just hangs and times out...
So, I also can't do DNS queries any longer (hangs and times out)
(the DNS servers I use are in zone 'net' and in a totally different subnet)

I believe somewhere something in a cache on the firewall still has old
information, but I have no clue
where or how to clear that cache

what can be the reason and how to solve?
