On 04/18/2013 02:12 PM, Dash Four wrote: > > > Tom Eastep wrote: >>> Erm, you've lost me. What does that mean? >>> >> >> It means that it is not really feasible to sync the loaded helper >> modules with the HELPERS option. >> > Got it, thanks. > > > >>> OK, so if I use iptables targets (which appear as kernel modules) and >>> don't need any "helpers" loaded, in order to prevent shorewall from >>> loading anything else (well, anything apart from the "essential" modules >>> - not sure if iptables would load these automatically!) while starting >>> my firewall successfully, all I have to do is: >>> >>> HELPERS=none >>> LOAD_HELPERS_ONLY=Yes >>> >>> Correct, or am I going to have my fingers burned? >>> >> >> That will work, provided that you have module autoloading enabled in >> your kernel and you have an empty 'modules' file in /etc/shorewall/; in >> that case, Shorewall won't load a thing. >> > And my firewall will start successfully, right? >
Yep. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
