
I'm having some trouble with the ipmasq firewall setup on my Debian box. For those who aren't familiar with how it works, the iptables commands are specified in a number of .def/.rul files in /etc/ipmasq/rules. I think these get run by run-parts when /usr/sbin/ipmasq is run. Also, ipmasq gets run whenever ppp goes up or down.

The default ipmasq-with-ppp installation firewalls the internal (masqueraded) machines but does not protect the firewall machine itself. A while back this machine got rootkitted (over a dialup link!) and at that time I discovered that when the ipmasq docs talk about it providing a firewall, they don't mean the masq machine itself. I then modified one of the ipmasq rule scripts using some info from the wlug wiki and it all worked.

Recently I was looking at trying to make the audio work in Windows Messenger[1] and discovered that my firewall was no longer working and I couldn't see any dropped packets in the logs (which led me to think that logging wasn't enabled). I must have upgraded something, I don't know what, that caused the firewall to stop working. I discovered that there are some default scripts that provide what I want in the ipmasq examples and installed those.

Now I'm firewalled, but the firewall drops DNS forwards from my internal bind, so things don't work so well. However, if I do:

  $ /etc/init.d/ipmasq stop
  $ /etc/init.d/ipmasq start

after dialing in, then it works.

What should I be looking for to diagnose the problem? As far as I can tell, which admittedly is not very far, the configuration is fine and is essentially the default install, with only changes made to the config definitions to specify which ports to block.

Any advice appreciated.

g

[1] If anyone has done that, any advice would be appreciated on that too.

-- 
Glenn Ramsey <glenn(a)componic.co.nz> 07 8627077 http://www.componic.co.nz
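A practical way to answer "what should I be looking for" is to capture the live ruleset before and after the stop/start that makes DNS work again, and compare the two dumps around port 53. The script below is an added example, not code from the original post or from the ipmasq package; the file names, function names and the two sample iptables-save dumps are constructed for illustration (on the real box the dumps would come from `iptables-save`, run once after dialing in and once after the ipmasq restart).

```shell
#!/bin/sh
# Added diagnostic helper (not part of the original post or of ipmasq).
# Workflow it supports, on the real machine:
#   iptables-save > /tmp/after-dialin.rules
#   /etc/init.d/ipmasq stop && /etc/init.d/ipmasq start
#   iptables-save > /tmp/after-restart.rules
# then point the functions below at those two files and see what the
# restart changed for DNS traffic.

# Print every rule in an iptables-save dump that touches DNS (port 53,
# udp or tcp, as source or destination port).
dns_rules() {
    grep -E -- '--[ds]port 53( |$)' "$1" || true
}

# Count those rules; 0 means nothing in that dump mentions port 53 at all.
count_dns_rules() {
    dns_rules "$1" | wc -l | tr -d ' '
}

# Rules present in the second dump but absent from the first.  Packet/byte
# counters ("[pkts:bytes] " prefix from iptables-save -c) are stripped so
# only the rule text is compared.
rules_added() {
    sed 's/^\[[0-9]*:[0-9]*\] //' "$1" | sort > "$1.norm"
    sed 's/^\[[0-9]*:[0-9]*\] //' "$2" | sort > "$2.norm"
    comm -13 "$1.norm" "$2.norm"
    rm -f "$1.norm" "$2.norm"
}

# --- constructed sample data: two hypothetical iptables-save dumps -------
BEFORE=$(mktemp)   # hypothetical "after dial-in, DNS broken" dump
AFTER=$(mktemp)    # hypothetical "after ipmasq restart, DNS works" dump

cat > "$BEFORE" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j DROP
-A FORWARD -i eth0 -o ppp0 -j ACCEPT
COMMIT
EOF

cat > "$AFTER" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i ppp0 -p udp -m udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j DROP
-A FORWARD -i eth0 -o ppp0 -j ACCEPT
COMMIT
EOF

echo "DNS rules before restart: $(count_dns_rules "$BEFORE")"
echo "DNS rules after restart:  $(count_dns_rules "$AFTER")"
echo "Rules the restart added:"
rules_added "$BEFORE" "$AFTER"
```

Whatever the diff shows is the rule (or interface name, or address) that the dial-in run of ipmasq produces differently from a manual restart; that is the place to look in the .def/.rul files. The sample dumps here are invented to show the mechanics and are not a claim about what the real cause is.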