Simon Hobson wrote: > Guilsson . wrote: > >> When I noticed that WITHOUT any masqs some devices still registered >> with NATed IP, I went further and discovered: >> - 2 Netfilter modules are loaded by default in Fedora 8 >> --- nf_nat_h323 >> --- nf_conntrack_h323 >> >> Unloading (modprobe -r) then, just like a Magic, everything back to >> normal operations. My masq entries worked as should be. >> >> Two doubts: >> 1) Every shorewall restart load these two modules again. How can I >> configure Shorewall to not load them ? > > > IIRC, you copy the modules file from /usr/share/shorewall to > /etc/shorewall, then comment out or delete those entries from the > copy.
If you are running a version of Shorewall prior to 4.0.6, that's the only way to do it. Otherwise, it's probably preferable to use DONT_LOAD as I explained in my earlier post. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
