On 09/21/2012 03:14 PM, Tarqi Kazan wrote: > Ok, > > I found out the following: > > PPTP Client from the LAN to a remote side needs NO modules loaded, which > means: > > If the modules: > nf_nat_pptp > nf_nat_proto_gre > nf_conntrack_pptp > nf_conntrack_proto_gre > > are NOT loaded, everything works like expected. > There are NO rules needed. > > However, how can I prevent shorewall from loading these modules? > > I did the following: > - copied "helpers" to /etc/shorewall AND commented out the modules > - set strongwall.conf "AUTOHELPERS" to "No"
You probably don't want that. > - set strongwall.conf "LOAD_HELPERS_ONLY" to "Yes" > - set strongwall.conf "HELPERS" to "" > > However, the modules are still loaded. There are no rules, which may > autoload them involved. > > Any clues? Did you unload the modules? Changing the modules configuration won't unload any modules that are already loaded. -Tom PS -- the product is 'shorewall', not 'strongwall' :-) -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
