On Tue, 2011-07-19 at 10:31 -0700, Tom Eastep wrote: > On Tue, 2011-07-19 at 19:18 +0200, Martin Krellmann wrote: > > > This sounds plausible and explains why it works at the moment... I just > > changed the IP of the asterisk box (no traffic then) and changed it back to > > the original one. > > Do you mean the ip_conntrack_sip package, which I disabled before or just > > the ip_conntrack module? > > I mean the package called 'conntrack' which includes /sbin/conntrack. I > rather doubt that it is available for CentOS 5.6, however. > > > > > I already have shorewall-init on my gateway system and configured it now > > according to the manpage. But I have difficulties starting it... Do I have > > to disable the normal shorewall start script or do I need both? > > You must disable the normal Shorewall start script and let > shorewall-init start it at the proper time.
It is also very important to realize that '/etc/init.d/shorewall-init start' actually executes '/sbin/shorewall stop', if Shorewall is under control of Shorewall-init. Shorewall will remain stopped until an 'optional' or 'required' interface changes state. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
