Hi,
I have a FC 3 box as my nat/firewall. It is running firestarter.
My nework looks similar to this:

,-------------------------,
,--|192.168.1.1 (Computer A) |
L | |-------------------------|
A |--|192.168.1.2 (Computer B) | eth1
N | '-------------------------'
| ,-------------------------,
'--|192.168.1.100 | inside
======| (ROUTER) |================
,--|11.22.33.44 | outside
| '-------------------------'
I |
S | eth0 / DSL
P \|/
v

Everything seems to work just fine. Then (usually several days) after
it runs for awhile, something happens that effects the way it forwards
packets. The exact problem is that Computer A (or B for that matter)
is no longer able to access the box unless the 192.168.1.100 address is used.

Any access to 11.22.33.44 yields a message like this in /var/log/messasges:


May 30 15:21:11 lab kernel: Unknown InputIN=eth1 OUT= MAC=00:c0:f0:58:21:c1:00:40:ca:6d:b6:07:08:00 SRC=192.168.4.20 DST=xx.xx.xx.xx LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=9748 DF PROTO=TCP SPT=1193 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0

...obviously the xx.xx.xx.xx has been replaced to no show the real address.

Any idea why this would happen? I find it particularly strange since it works just fine for awhile.

- Mike