Hi All, I have a 3 interface firewall (internet, dmz, lan). For some reason a dmz host can longer ssh or connect to a DB server on the lan(it could before). Nothing seems to get logged with a $IPTABLES -A FORWARD -j LOG --log-prefix "FORWARD DENY: " rule. And when I disable the FW and enable the plain routing it seems to be able to connect ok. At a loss as to why this would not work without logging something. Firewall and Webserver are FC1, DB server is Redhat AS3. Could someone suggest some ideas on debuging this? Any ideas gratefully received. Greg
