FW: FW: [SLUG] hylafax

Mon, 13 Mar 2006 19:36:39 -0800 

Ok did that but when I execute /sbin/service iptables restart I got errors
Initially
        [EMAIL PROTECTED] ~]# /sbin/service iptables restart
        Flushing firewall rules:                                   [  OK  ]
        Setting chains to policy ACCEPT: filter                    [  OK  ]
        Unloading iptables modules:                                [  OK  ]
        Applying iptables firewall rules:                          [  OK  ]
        Loading additional iptables modules: ip_contrack ip_nat_ftp[FAILED]
But after that I keep getting
        [EMAIL PROTECTED] ~]# /sbin/service iptables restart
        Flushing firewall rules:                                   [  OK  ]
        Setting chains to policy ACCEPT: filter                    [  OK  ]
        Unloading iptables modules:                                [  OK  ]
        Applying iptables firewall rules: iptables-restore: line 36 failed
                                                           [FAILED]


Regards, 
Phill O'Flynn 

-----Original Message-----
From: Matthew Hannigan [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 14 March 2006 2:17 PM
To: Phill O'Flynn
Cc: [email protected]
Subject: Re: FW: [SLUG] hylafax

On Tue, Mar 14, 2006 at 02:04:46PM +1100, Phill O'Flynn wrote:
> 
> I have had a look at /etc/sysconfig/iptables-config but not sure what to
put
> in it.

The first comments in that file are a little short, but 
they summarise what's required pretty well:

        # Load additional iptables modules (nat helpers)
        #   Default: -none-
        # Space separated list of nat helpers (e.g. 'ip_nat_ftp
ip_nat_irc'), which
        # are loaded after the firewall rules are applied. Options for the
helpers are
        # stored in /etc/modprobe.conf.
        IPTABLES_MODULES=""

So in your case that var would be

        IPTABLES_MODULES="ip_conntrack ip_nat_ftp"

> 
> I tried 
> "...
> /etc/modprobe.conf.local and add options lines like:
> options   ip_conntrack    ports=21,4559
> options   ip_nat_ftp    ports=21,4559 "..

Yeah I dunno about /etc/modprobe.conf.local; I'd just put those
lines in /etc/modprobe.conf

> as suggested by Keith but I only had modprobe.conf. So after editing the
> file and rebooting the firewall was still blocking the transmission from
the
> hylafax client. Does this file get processed on boot

You should be able to do
        
        /sbin/service iptables restart

to get it working after the previous config changes,
but by all means do a reboot to satisfy yourself
that it still works after a reboot.


Matt
--
must get myself one of those sig things sometime


-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Reply via email to