Amos Jeffries wrote: > > All right. > Here is the fairly common shorewall 3.4's default dependencies as taken > from /usr/share/shorewall/modules . > These are not likely to change per-system without a clueful administrator. A couple of things should be noted about this list. a) It it includes modules that no longer exist in current kernels since Shorewall is often run on older kernels. b) It includes modules that currently aren't used by Shorewall. I've flagged those below with <================= c) The list includes traffic shaping modules which don't apply to the current discussion. As others have written, I think it is important to include the common helpers since their absence usually messes people up. > > # > # Essential Modules > # > loadmodule nfnetlink > loadmodule x_tables > loadmodule ip_tables > loadmodule iptable_filter > loadmodule iptable_mangle > loadmodule ip_conntrack > loadmodule nf_conntrack > loadmodule nf_conntrack_ipv4 > loadmodule iptable_nat > loadmodule xt_state > loadmodule xt_tcpudp > # > # Other xtables modules > # > loadmodule xt_CLASSIFY > loadmodule xt_connmark > loadmodule xt_CONNMARK > loadmodule xt_conntrack > loadmodule xt_dccp <================== > loadmodule xt_hashlimit <================== > loadmodule xt_helper <================== > loadmodule xt_length <================== > loadmodule xt_limit > loadmodule xt_mac > loadmodule xt_mark > loadmodule xt_MARK > loadmodule xt_NFLOG > loadmodule xt_NFQUEUE > loadmodule xt_physdev > loadmodule xt_pkttype > loadmodule xt_tcpmss > # > # Helpers > # > loadmodule ip_conntrack_amanda > loadmodule ip_conntrack_ftp > loadmodule ip_conntrack_h323 > loadmodule ip_conntrack_irc > loadmodule ip_conntrack_netbios_ns > loadmodule ip_conntrack_pptp > # loadmodule ip_conntrack_sip > loadmodule ip_conntrack_tftp > loadmodule ip_nat_amanda > loadmodule ip_nat_ftp > loadmodule ip_nat_h323 > loadmodule ip_nat_irc > loadmodule ip_nat_pptp > # loadmodule ip_nat_sip > loadmodule ip_nat_snmp_basic > loadmodule ip_nat_tftp > loadmodule ip_set > loadmodule ip_set_iphash > loadmodule ip_set_ipmap > loadmodule ip_set_macipmap > loadmodule ip_set_portmap > # > # 2.6.20+ helpers > # > loadmodule nf_conntrack_ftp > loadmodule nf_conntrack_h323 > loadmodule nf_conntrack_irc > loadmodule nf_conntrack_netbios_ns > loadmodule nf_conntrack_netlink > loadmodule nf_conntrack_pptp > loadmodule nf_conntrack_proto_gre > loadmodule nf_conntrack_proto_sctp > loadmodule nf_conntrack_sip > loadmodule nf_conntrack_tftp > loadmodule nf_nat_amanda > loadmodule nf_nat_ftp > loadmodule nf_nat_h323 > loadmodule nf_nat_irc > loadmodule nf_nat > loadmodule nf_nat_pptp > loadmodule nf_nat_proto_gre > loadmodule nf_nat_sip > loadmodule nf_nat_snmp_basic > loadmodule nf_nat_tftp > # > # Traffic Shaping > # > loadmodule sch_sfq > loadmodule sch_ingress > loadmodule sch_htb > loadmodule cls_u32 > # > # Extensions > # > loadmodule ipt_addrtype > loadmodule ipt_ah <================= > loadmodule ipt_CLASSIFY > loadmodule ipt_CLUSTERIP <================= > loadmodule ipt_comment > loadmodule ipt_connmark > loadmodule ipt_CONNMARK > loadmodule ipt_conntrack > loadmodule ipt_dscp <================= > loadmodule ipt_DSCP <================= > loadmodule ipt_ecn > loadmodule ipt_ECN > loadmodule ipt_esp <================= > loadmodule ipt_hashlimit > loadmodule ipt_helper > loadmodule ipt_ipp2p > loadmodule ipt_iprange > loadmodule ipt_length <================== > loadmodule ipt_limit > loadmodule ipt_LOG > loadmodule ipt_mac > loadmodule ipt_mark > loadmodule ipt_MARK > loadmodule ipt_MASQUERADE > loadmodule ipt_multiport > loadmodule ipt_NETMAP > loadmodule ipt_NOTRACK <=================== > loadmodule ipt_owner > loadmodule ipt_physdev > loadmodule ipt_pkttype > loadmodule ipt_policy > loadmodule ipt_realm > loadmodule ipt_recent > loadmodule ipt_REDIRECT > loadmodule ipt_REJECT > loadmodule ipt_SAME > loadmodule ipt_sctp <==================== > loadmodule ipt_set > loadmodule ipt_state > loadmodule ipt_tcpmss > loadmodule ipt_TCPMSS > loadmodule ipt_tos > loadmodule ipt_TOS > loadmodule ipt_ttl <===================== > loadmodule ipt_TTL <===================== > loadmodule ipt_ULOG > -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@xxxxxxxxxxxxx PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Attachment:
signature.asc
Description: OpenPGP digital signature
