On Tue, Mar 14, 2006 at 02:04:46PM +1100, Phill O'Flynn wrote:
>
> I have had a look at /etc/sysconfig/iptables-config but not sure what to put
> in it.
The first comments in that file are a little short, but
they summarise what's required pretty well:
# Load additional iptables modules (nat helpers)
# Default: -none-
# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'),
which
# are loaded after the firewall rules are applied. Options for the
helpers are
# stored in /etc/modprobe.conf.
IPTABLES_MODULES=""
So in your case that var would be
IPTABLES_MODULES="ip_conntrack ip_nat_ftp"
>
> I tried
> "...
> /etc/modprobe.conf.local and add options lines like:
> options ip_conntrack ports=21,4559
> options ip_nat_ftp ports=21,4559 "..
Yeah I dunno about /etc/modprobe.conf.local; I'd just put those
lines in /etc/modprobe.conf
> as suggested by Keith but I only had modprobe.conf. So after editing the
> file and rebooting the firewall was still blocking the transmission from the
> hylafax client. Does this file get processed on boot
You should be able to do
/sbin/service iptables restart
to get it working after the previous config changes,
but by all means do a reboot to satisfy yourself
that it still works after a reboot.
Matt
--
must get myself one of those sig things sometime
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
