2002-05-01 01:13:15 +02:00
|
|
|
#
|
2007-07-09 16:01:07 +02:00
|
|
|
# Shorewall version 4 - Modules File
|
2003-02-08 21:58:44 +01:00
|
|
|
#
|
2006-09-07 22:50:19 +02:00
|
|
|
# /usr/share/shorewall/modules
|
2003-02-08 21:58:44 +01:00
|
|
|
#
|
2007-02-06 22:29:30 +01:00
|
|
|
# This file loads the modules that may be needed by the firewall.
|
2005-08-02 18:46:30 +02:00
|
|
|
#
|
|
|
|
|
# THE ORDER OF THE COMMANDS BELOW IS IMPORTANT!!!!!! You MUST load in
|
|
|
|
|
# dependency order. i.e., if M2 depends on M1 then you must load M1
|
|
|
|
|
# before you load M2.
|
|
|
|
|
#
|
2007-09-10 17:52:57 +02:00
|
|
|
# If you need to modify this file, copy it to /etc/shorewall and modify the
|
|
|
|
|
# copy.
|
2005-08-02 18:46:30 +02:00
|
|
|
#
|
|
|
|
|
###############################################################################
|
2006-01-04 23:40:08 +01:00
|
|
|
#
|
|
|
|
|
# Essential Modules
|
|
|
|
|
#
|
2006-09-07 22:48:40 +02:00
|
|
|
loadmodule nfnetlink
|
|
|
|
|
loadmodule x_tables
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_tables
|
|
|
|
|
loadmodule iptable_filter
|
2006-03-09 17:40:21 +01:00
|
|
|
loadmodule iptable_mangle
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_conntrack
|
2007-03-18 03:53:58 +01:00
|
|
|
loadmodule nf_conntrack
|
|
|
|
|
loadmodule nf_conntrack_ipv4
|
2006-03-09 17:40:21 +01:00
|
|
|
loadmodule iptable_nat
|
2006-09-07 22:48:40 +02:00
|
|
|
loadmodule xt_state
|
|
|
|
|
loadmodule xt_tcpudp
|
|
|
|
|
#
|
|
|
|
|
# Other xtables modules
|
|
|
|
|
#
|
|
|
|
|
loadmodule xt_CLASSIFY
|
|
|
|
|
loadmodule xt_connmark
|
|
|
|
|
loadmodule xt_CONNMARK
|
|
|
|
|
loadmodule xt_conntrack
|
|
|
|
|
loadmodule xt_dccp
|
2007-03-18 03:53:58 +01:00
|
|
|
loadmodule xt_hashlimit
|
2006-09-07 22:48:40 +02:00
|
|
|
loadmodule xt_helper
|
|
|
|
|
loadmodule xt_length
|
|
|
|
|
loadmodule xt_limit
|
|
|
|
|
loadmodule xt_mac
|
|
|
|
|
loadmodule xt_mark
|
|
|
|
|
loadmodule xt_MARK
|
2007-08-09 17:16:08 +02:00
|
|
|
loadmodule xt_multiport
|
2007-03-18 03:53:58 +01:00
|
|
|
loadmodule xt_NFLOG
|
2006-09-07 22:48:40 +02:00
|
|
|
loadmodule xt_NFQUEUE
|
|
|
|
|
loadmodule xt_physdev
|
|
|
|
|
loadmodule xt_pkttype
|
|
|
|
|
loadmodule xt_tcpmss
|
2006-01-04 23:40:08 +01:00
|
|
|
#
|
|
|
|
|
# Helpers
|
|
|
|
|
#
|
2007-02-06 22:29:30 +01:00
|
|
|
loadmodule ip_conntrack_amanda
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_conntrack_ftp
|
2007-02-06 22:29:30 +01:00
|
|
|
loadmodule ip_conntrack_h323
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_conntrack_irc
|
2007-02-06 22:29:30 +01:00
|
|
|
loadmodule ip_conntrack_netbios_ns
|
|
|
|
|
loadmodule ip_conntrack_pptp
|
|
|
|
|
loadmodule ip_conntrack_sip
|
|
|
|
|
loadmodule ip_conntrack_tftp
|
|
|
|
|
loadmodule ip_nat_amanda
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_nat_ftp
|
2007-02-06 22:29:30 +01:00
|
|
|
loadmodule ip_nat_h323
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_nat_irc
|
2007-02-06 22:29:30 +01:00
|
|
|
loadmodule ip_nat_pptp
|
|
|
|
|
loadmodule ip_nat_sip
|
|
|
|
|
loadmodule ip_nat_snmp_basic
|
|
|
|
|
loadmodule ip_nat_tftp
|
2005-08-02 18:46:30 +02:00
|
|
|
loadmodule ip_set
|
|
|
|
|
loadmodule ip_set_iphash
|
|
|
|
|
loadmodule ip_set_ipmap
|
|
|
|
|
loadmodule ip_set_macipmap
|
|
|
|
|
loadmodule ip_set_portmap
|
2006-01-04 23:40:08 +01:00
|
|
|
#
|
2007-03-18 03:53:58 +01:00
|
|
|
# 2.6.20+ helpers
|
|
|
|
|
#
|
|
|
|
|
loadmodule nf_conntrack_ftp
|
|
|
|
|
loadmodule nf_conntrack_h323
|
|
|
|
|
loadmodule nf_conntrack_irc
|
|
|
|
|
loadmodule nf_conntrack_netbios_ns
|
|
|
|
|
loadmodule nf_conntrack_netlink
|
|
|
|
|
loadmodule nf_conntrack_pptp
|
|
|
|
|
loadmodule nf_conntrack_proto_gre
|
|
|
|
|
loadmodule nf_conntrack_proto_sctp
|
|
|
|
|
loadmodule nf_conntrack_sip
|
|
|
|
|
loadmodule nf_conntrack_tftp
|
|
|
|
|
loadmodule nf_nat_amanda
|
|
|
|
|
loadmodule nf_nat_ftp
|
|
|
|
|
loadmodule nf_nat_h323
|
|
|
|
|
loadmodule nf_nat_irc
|
|
|
|
|
loadmodule nf_nat
|
|
|
|
|
loadmodule nf_nat_pptp
|
|
|
|
|
loadmodule nf_nat_proto_gre
|
|
|
|
|
loadmodule nf_nat_sip
|
|
|
|
|
loadmodule nf_nat_snmp_basic
|
|
|
|
|
loadmodule nf_nat_tftp
|
|
|
|
|
#
|
2006-01-04 23:40:08 +01:00
|
|
|
# Traffic Shaping
|
|
|
|
|
#
|
|
|
|
|
loadmodule sch_sfq
|
|
|
|
|
loadmodule sch_ingress
|
|
|
|
|
loadmodule sch_htb
|
|
|
|
|
loadmodule cls_u32
|
2007-08-26 17:09:27 +02:00
|
|
|
loadmodule act_police
|
2006-01-04 23:40:08 +01:00
|
|
|
#
|
|
|
|
|
# Extensions
|
|
|
|
|
#
|
|
|
|
|
loadmodule ipt_addrtype
|
|
|
|
|
loadmodule ipt_ah
|
|
|
|
|
loadmodule ipt_CLASSIFY
|
|
|
|
|
loadmodule ipt_CLUSTERIP
|
|
|
|
|
loadmodule ipt_comment
|
|
|
|
|
loadmodule ipt_connmark
|
|
|
|
|
loadmodule ipt_CONNMARK
|
|
|
|
|
loadmodule ipt_conntrack
|
|
|
|
|
loadmodule ipt_dscp
|
|
|
|
|
loadmodule ipt_DSCP
|
|
|
|
|
loadmodule ipt_ecn
|
|
|
|
|
loadmodule ipt_ECN
|
|
|
|
|
loadmodule ipt_esp
|
|
|
|
|
loadmodule ipt_hashlimit
|
|
|
|
|
loadmodule ipt_helper
|
2006-02-10 20:33:31 +01:00
|
|
|
loadmodule ipt_ipp2p
|
2006-01-04 23:40:08 +01:00
|
|
|
loadmodule ipt_iprange
|
|
|
|
|
loadmodule ipt_length
|
|
|
|
|
loadmodule ipt_limit
|
|
|
|
|
loadmodule ipt_LOG
|
|
|
|
|
loadmodule ipt_mac
|
|
|
|
|
loadmodule ipt_mark
|
|
|
|
|
loadmodule ipt_MARK
|
|
|
|
|
loadmodule ipt_MASQUERADE
|
|
|
|
|
loadmodule ipt_multiport
|
|
|
|
|
loadmodule ipt_NETMAP
|
|
|
|
|
loadmodule ipt_NOTRACK
|
|
|
|
|
loadmodule ipt_owner
|
|
|
|
|
loadmodule ipt_physdev
|
|
|
|
|
loadmodule ipt_pkttype
|
|
|
|
|
loadmodule ipt_policy
|
|
|
|
|
loadmodule ipt_realm
|
|
|
|
|
loadmodule ipt_recent
|
|
|
|
|
loadmodule ipt_REDIRECT
|
|
|
|
|
loadmodule ipt_REJECT
|
|
|
|
|
loadmodule ipt_SAME
|
|
|
|
|
loadmodule ipt_sctp
|
2006-01-05 00:26:32 +01:00
|
|
|
loadmodule ipt_set
|
2006-01-04 23:40:08 +01:00
|
|
|
loadmodule ipt_state
|
|
|
|
|
loadmodule ipt_tcpmss
|
|
|
|
|
loadmodule ipt_TCPMSS
|
|
|
|
|
loadmodule ipt_tos
|
|
|
|
|
loadmodule ipt_TOS
|
|
|
|
|
loadmodule ipt_ttl
|
|
|
|
|
loadmodule ipt_TTL
|
|
|
|
|
loadmodule ipt_ULOG
|
2005-08-02 18:46:30 +02:00
|
|
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
