HELP - update/new kernel broke ip forwarding - SOLVED

[Moriah]

i just updated my choke firewall from a 2.6.37-gentoo-r3 kernel to a 3.5.7-gentoo kernel and did an update with emerge --sync and emerge --update --deep --newuse world, and now ip forwarding no longer works.

Has something changed in the way forwarding works?

======== update ========

Its beginning to look like a connection tracking problem, because when I connectfrom the choke firewall to a machine on the lan behind that firewall, the lan machine can see the dmz and the internet.

I have a vague recollection of something changing regarding connection tracking with the 3.x.x kernels and iptables.

It did not affect me at the time because I was still on a 2.x.x kernel, but this has the potential to wreck great havoc with all my firewalls. Does anybody remember what changed with connection tracking?
_________________
The MyWord KJV Bible tool is at http://www.elilabs.com/~myword

Foghorn Leghorn is a Warner Bros. cartoon character.

[Moriah]

My confusiion. Too many things breaking at once threw me off the scent.

The latest update broke a lot of things. To get any connectivity at all, I connected my trysty laptop via wifi to an different subnet. When I switched it back, I forgot to re-establish the default gateway in the routing table. In reality, after rebuilding the choke firewall, ip forwarding *DID* work, but my gateway was wrong, so it looked like it didn't.

Amazing what a good night's sleep can do...

THAT alligator is dead; now on to draining the swamp!
_________________
The MyWord KJV Bible tool is at http://www.elilabs.com/~myword

Foghorn Leghorn is a Warner Bros. cartoon character.