On Thu, 2005-08-25 at 11:08 -0400, Greg Swallow wrote: > Ok, assigned 631 and 548 tcp and udp protocols in > Security Levels: > > 631:tcp, 631:udp, 548:tcp, 548:udp Unless I'm very much mistaken, you don't need UDP with IPP, just TCP. > Now firewall no longer routes. dhcp does give ip, but nothing. I think we need to know much more about your network configuration to offer useful advice. > Am connected outside my gigabit network to send this. > > iptable was created by hand. Does the GUI make a backup of > the file. Hmm, probably gone anyway as I used GUI to remove > the port asignments. I don't think so. I think it creates what's displayed in the GUI. Prior versions always started afresh (making it impossible to modify settings). Have you "trusted" the local device interface? If you can't do that, because you want to trust some addresses through that device but not others, I think you'll have to write manual iptables rules. I did that with my other Linux box, and I do it via a script. I write rules in the script, just the same as you'd type them into a CLI, and run the script when done. It makes the changes, and writes the rules into the standard place the PC looks at while booting up. It makes it easy for me to modify rules, that way. Have you enabled "masquerade", if you should? My NAT machine isn't this one, and is configured by hand. So I've not used that option in the GUI. My behind the NAT box configurations have only the following options: Trusted services: x Secure WWW (HTTPS) FTP x Mail (SMTP) Telnet x WWW (HTTP) x SSH Trusted devices: Name Trusted Masquerade eth0 x sit0 Other ports: ipp:tcp -- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.