On Fri, Dec 27, 2002 at 11:27:43AM -0700, Dan Egli wrote: > Unfortunately, I believe that once a module is compiled into the kernel > it's present, end of discussion. And besides. thats not quite what you Agreed on this. It's a big incentive to do all/most of the netfilter stuff as modules. > want is it? removing ip_conntrack_irc would kill ALL irc abilities, not > just DCC. After all, doens't IRC operate on multiple ports, similiar to FTP? You should be able to actually IRC through the box, as that's a simple TCP connection one way or the other, assuming other rules allow it. The ip_nat_irc and ip_conntrack_irc are to snoop DCC commands to allow those to work. Yes, the client<->server can use any port really, which is why the irc modules allow you to pass a list of ports to snoop. Another good reason to compile them as modules as I don't believe you can specify the ports option when hard compiled in? Or is there some runtime option that could be added with lilo's append statement? -Ath -- - Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/ Finger athan(at)fysh.org for PGP key "And it's me who is my enemy. Me who beats me up. Me who makes the monsters. Me who strips my confidence." Paula Cole - ME
Attachment:
pgp00234.pgp
Description: PGP signature
