I have Debian Etch release as a fresh install on a PIII to be a router/firewall. I've configured networking, and utilized Shorewall to set up iptables scripting. I've installed dhcp3, both client and server, to pull an ip from my broadband cable modem, and dish out ip's to a switch for other systems.

I was having an issue with not having net access beyond the firewall, and was not able to ping back and forth from the firewall to any other system(WinXP SP2 to be particular) on the network. discovered an errant entry in the dhcpd.conf file that listed an incorrect DNS server, and now I have net access on the other systems, however I still cannot ping between the firewall and other systems on the local network.

My questions are why is this working? Without the 2 communicating, seems to me net access is not possible, and anyone have pointers to get things going correctly?

So, just to confirm, you have


internet ---> [ broadband ] <--- net 1 ---> [ PIII/Debian ] <--- net 2 --->

where your PIII is using DHCP to get it's IP from broadband

but on net 2 it has a fixed IP and is acting as

(a) DHCP server
(b) router

and in theory should also be doing DNS forwarding?

The machines get DHCP'd and can then access the internet and each other.

Now, do your network rules disable ICMP? (eg ping uses ICMP).

that did the trick thank you.