Poniższą wiadomość napisał(a) Artur Uszyński <[email protected]> w dniu 26.11.2014 14:32:
> Hello. > > Shorewall 4.6.4.1 > kernel 3.10.0 > In shorewall.conf I have "DONT_LOAD=nf_conntrack_sip,nf_nat_sip" > In shorewall.conf I have "AUTOHELPERS=No", HELPERS is empty. > SIP section in /etc/shorewall/conntrack is commented out (checked - no sip > entries in raw table after shorewall start). > "ports=0" is specified in /etc/shorewall/helpers for appropriate *sip lines > (or alternatively all *sip lines commented out). > There are not any rules specifying port 5060 in /etc/shorewall/rules. > > Despite doing the above steps, nf_conntrack_sip is being loaded during every > restart of shorewall (although nf_nat_sip obeys my disposition and never gets > loaded). > > Also, after doing "shorewall compile OUTPUT ." inside /etc/shorewall, > nf_conntrack_sip module gets automatically loaded (yes, after dry copilation > of rules), although resulting OUTPUT file does not contain anything which > would load this module. > > nf_conntrack_sip is always at the top of lsmod output, no other modules use > it. > > I ended up adding "rmmod nf_conntrack_sip" to /ec/shorewall/started. > > The same happens for shorewall6. > > Is there any way to properly skip loading of this module ? > > Regards. > -- > Artur Answering myself. It seems that all methods described above are inefective since automatic helpers were deprecated. The only way to achieve the goal is to specify list of wanted helpers (or "none") in Shorewall.conf for HELPERS variable. Regards. -- Artur ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
