modules − Shorewall file
/usr/share/shorewall/modules |
||
/usr/share/shorewall/helpers |
These files specify which kernel modules Shorewall will load before trying to determine your iptables/kernel's capabilities.
The modules file is used when LOAD_HELPERS_ONLY=No in shorewall.conf [1] (8); the helpers file is used when LOAD_HELPERS_ONLY=Yes
Each record in the files has the following format:
loadmodule modulename [moduleoption...] |
The modulename names a kernel module (without suffix). Shorewall will search for modules based on your MODULESDIR and MODULE_SUFFIX settings in shorewall.conf [1] (8). The moduleoptions are passed to modprobe (if installed) or to insmod.
The /usr/share/shorewall/modules file contains a large number of modules. Users are encouraged to copy the file to /etc/shorewall/modules and modify the copy to load only the modules required or to use LOAD_HELPERS_ONLY=Yes..if n .sp
Note
If you build monolithic kernels and have not installed module−init−tools, then create an empty /etc/shorewall/modules file; that will prevent Shorewall from trying to load modules at all.
loadmodule ip_conntrack_ftp ports=21,221
/usr/share/shorewall/modules
/usr/share/shorewall/helpers
/etc/shorewall/modules
/etc/shorewall/helpers
shorewall(8), shorewall−accounting(5), shorewall−actions(5), shorewall−blacklist(5), shorewall−hosts(5), shorewall_interfaces(5), shorewall−ipsets(5), shorewall−maclist(5), shorewall−masq(5), shorewall−nat(5), shorewall−netmap(5), shorewall−params(5), shorewall−policy(5), shorewall−providers(5), shorewall−proxyarp(5), shorewall−rtrules(5), shorewall−routestopped(5), shorewall−rules(5), shorewall.conf(5), shorewall−secmarks(5), shorewall−tcclasses(5), shorewall−tcdevices(5), shorewall−mangle(5), shorewall−tos(5), shorewall−tunnels(5), shorewall−zones(5)
1. |
shorewall.conf |
http://www.shorewall.net/manpages/shorewall.conf.html