On Oct 31, 2007, at 3:27 PM, Tom Eastep wrote: > > On the flip side, note that we've seen cases where loading > ip_conntrack_sip has actually _broken_ working SIP installations.
That reminds me.. To work around the ip_nat_sip problem, I first appended 'rmmod ip_nat sip &> /dev/null' to our start file. It was a great solution, or so I thought, because it didn't require modification of anything outside of /etc/shorewall and survived shorewall upgrades performed via yum update. Then one day, the problem mysteriously returned and I discovered that someone had issued a 'shorewall check' on the router, which had loaded the ip_nat_sip module but did not ran the start file. I understand that shorewall check should not run the start file, but is it necessary that it loads the modules file? It seems that something like shorewall check should produce no side effects. -Brian ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
