<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd"> <refentry> <refmeta> <refentrytitle>shorewall-modules</refentrytitle> <manvolnum>5</manvolnum> </refmeta> <refnamediv> <refname>modules</refname> <refpurpose>Shorewall file</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> <command>/usr/share/shorewall/modules</command> </cmdsynopsis> <cmdsynopsis> <command>/usr/share/shorewall/helpers</command> </cmdsynopsis> </refsynopsisdiv> <refsect1> <title>Description</title> <para>These files specify which kernel modules Shorewall will load before trying to determine your iptables/kernel's capabilities.</para> <para>The <filename>modules</filename> file is used when LOAD_HELPERS_ONLY=No in <ulink url="shorewall.conf.html">shorewall.conf</ulink>(8); the <filename>helpers</filename> file is used when LOAD_HELPERS_ONLY=Yes</para> <para>Each record in the files has the following format:</para> <cmdsynopsis> <command>loadmodule</command> <arg choice="plain"><replaceable class="parameter">modulename</replaceable></arg> <arg rep="repeat"><replaceable>moduleoption</replaceable></arg> </cmdsynopsis> <para>The <replaceable>modulename</replaceable> names a kernel module (without suffix). Shorewall will search for modules based on your MODULESDIR and MODULE_SUFFIX settings in <ulink url="shorewall.conf.html">shorewall.conf</ulink>(8). The <replaceable>moduleoption</replaceable>s are passed to modprobe (if installed) or to insmod.</para> <para>The /usr/share/shorewall/modules file contains a large number of modules. Users are encouraged to copy the file to /etc/shorewall/modules and modify the copy to load only the modules required or to use LOAD_HELPERS_ONLY=Yes.<note> <para>If you build monolithic kernels and have not installed module-init-tools, then create an empty /etc/shorewall/modules file; that will prevent Shorewall from trying to load modules at all.</para> </note></para> </refsect1> <refsect1> <title>Example</title> <para>loadmodule ip_conntrack_ftp ports=21,221</para> </refsect1> <refsect1> <title>FILES</title> <para>/usr/share/shorewall/modules</para> <para>/usr/share/shorewall/helpers</para> <para>/etc/shorewall/modules</para> <para>/etc/shorewall/helpers</para> </refsect1> <refsect1> <title>See ALSO</title> <para>shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5), shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)</para> </refsect1> </refentry>