I have a machine used as a firewall/router, on Slackware 12.

I have compiled a kernel.

I just wonder if there is any ideas on witch netfilter modules to use (or to avoid), whether to include into kernel or to modulize?

I thought that to compiling the most of them into the kernel would make things simple for a dedicated firewal. Now the iptables is disturbing SIP-trafic (IP-telephone) so it wasnt that good idea after all.

Netfilter is quite a challange - so any experiences are interesting.