shorewall-modules
5
Configuration Files
modules
Shorewall file
/usr/share/shorewall/modules
/usr/share/shorewall/helpers
Description
These files specify which kernel modules Shorewall will load before
trying to determine your iptables/kernel's capabilities.
The modules file is used when
LOAD_HELPERS_ONLY=No in shorewall.conf(8); the
helpers file is used when
LOAD_HELPERS_ONLY=Yes
Each record in the files has the following format:
loadmodule
modulename
moduleoption
The modulename names a kernel module
(without suffix). Shorewall will search for modules based on your
MODULESDIR and MODULE_SUFFIX settings in shorewall.conf(8). The
moduleoptions are passed to modprobe (if
installed) or to insmod.
The /usr/share/shorewall/modules file contains a large number of
modules. Users are encouraged to copy the file to /etc/shorewall/modules
and modify the copy to load only the modules required or to use
LOAD_HELPERS_ONLY=Yes.
If you build monolithic kernels and have not installed
module-init-tools, then create an empty /etc/shorewall/modules file;
that will prevent Shorewall from trying to load modules at all.
Example
loadmodule ip_conntrack_ftp ports=21,221
FILES
/usr/share/shorewall/modules
/usr/share/shorewall/helpers
/etc/shorewall/modules
/etc/shorewall/helpers
See ALSO
shorewall(8), shorewall-accounting(5), shorewall-actions(5),
shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5),
shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5),
shorewall-tcdevices(5), shorewall-mangle(5), shorewall-tos(5),
shorewall-tunnels(5), shorewall-zones(5)