Shorewall Documentation

Tom Eastep

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.

2004-05-15


Caution

Are you running Shorewall on Mandrake™ Linux with a two-interface setup?

If so, and if you configured your system while running a Mandrake release earlier than 10.0 final, then this documentation will not apply directly to your environment. If you want to use the documentation that you find here, consider uninstalling what you have and installing a configuration that matches this documentation. See the Two-interface QuickStart Guide for details.

The remainder of the Documentation supplements the QuickStart Guides. Please review the appropriate guide before trying to use this documentation directly.

  1. Accounting

  2. Aliased (virtual) Interfaces (e.g., eth0:0)

  3. Bandwidth Control

  4. Blacklisting

    • Static Blacklisting using /etc/shorewall/blacklist

    • Dynamic Blacklisting using /sbin/shorewall

  5. Bridge/Firewall

  6. Commands (Description of all /sbin/shorewall commands)

  7. Common configuration file features 

  8. Configuration File Reference Manual

  9. Corporate Network Example (Contributed by Graeme Boyle)

  10. DHCP

  11. ECN Disabling by host or subnet

  12. Errata

  13. Extension Scripts (How to extend Shorewall without modifying Shorewall code through the use of files in /etc/shorewall -- /etc/shorewall/start, /etc/shorewall/stopped, etc.)

  14. Fallback/Uninstall

  15. FAQs

  16. Features

  17. Forwarding Traffic on the Same Interface

  18. FTP and Shorewall

  19. Getting help or answers to questions

  20. Installation/Upgrade

  21. IPSEC

  22. Kazaa Filtering

  23. Kernel Configuration

  24. Logging

  25. MAC Verification

  26. Multiple Zones Through One Interface

  27. My Shorewall Configuration (How I personally use Shorewall)

  28. Netfilter Overview

  29. Network Mapping

  30. One-to-one NAT (Formerly referred to as Static NAT)

  31. OpenVPN

  32. Operating Shorewall

  33. 'Ping' Management

  34. Port Information

    • Which applications use which ports

    • Ports used by Trojans

  35. PPTP

  36. Proxy ARP

  37. Requirements

  38. Routing on One Interface

  39. Samba

  40. Shorewall Setup Guide

  41. Starting/stopping the Firewall

    • Description of all /sbin/shorewall commands

    • How to safely test a Shorewall configuration change

  42. Squid with Shorewall

  43. Traffic Accounting

  44. Traffic Shaping/QOS

  45. Troubleshooting (Things to try if it doesn't work)

  46. User-defined Actions

  47. UID/GID Based Rules

  48. Upgrade Issues

  49. VPN

  50. White List Creation