2002-09-30 20:11:25 +02:00
|
|
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
2002-08-07 16:28:04 +02:00
|
|
|
|
<html>
|
|
|
|
|
|
<head>
|
2002-09-30 20:11:25 +02:00
|
|
|
|
<meta http-equiv="Content-Language" content="en-us">
|
|
|
|
|
|
<meta http-equiv="Content-Type"
|
|
|
|
|
|
content="text/html; charset=windows-1252">
|
|
|
|
|
|
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
|
|
|
|
|
|
<meta name="ProgId" content="FrontPage.Editor.Document">
|
|
|
|
|
|
<title>Shorewall Prerequisites</title>
|
2002-08-07 16:28:04 +02:00
|
|
|
|
</head>
|
2003-11-17 22:06:32 +01:00
|
|
|
|
<body>
|
|
|
|
|
|
<h1 style="text-align: center;">Shorewall Requirements</h1>
|
|
|
|
|
|
Shorewall Requires:<br>
|
2002-08-22 23:33:54 +02:00
|
|
|
|
<ul>
|
2003-11-17 22:06:32 +01:00
|
|
|
|
<li>A kernel that supports netfilter. I've tested with 2.4.2 -
|
|
|
|
|
|
2.4.20. With current releases of Shorewall, Traffic Shaping/Control
|
|
|
|
|
|
requires at least 2.4.18. <a href="kernel.htm"> Check here for
|
|
|
|
|
|
kernel configuration information.</a> If you are looking for a firewall
|
|
|
|
|
|
for use with 2.2 kernels, <a href="http://seawall.sf.net"> see the
|
|
|
|
|
|
Seattle
|
|
|
|
|
|
Firewall site</a> .</li>
|
|
|
|
|
|
<li>iptables 1.2 or later but beware version 1.2.3 -- see the <a
|
|
|
|
|
|
href="errata.htm">Errata</a>. <font color="#ff0000"><b>WARNING: </b></font>The
|
|
|
|
|
|
buggy iptables version 1.2.3 is included in RedHat 7.2 and you should
|
|
|
|
|
|
upgrade to iptables 1.2.4 prior to installing Shorewall. Version 1.2.4
|
|
|
|
|
|
is available <a
|
|
|
|
|
|
href="http://www.redhat.com/support/errata/RHSA-2001-144.html">from
|
|
|
|
|
|
RedHat</a> and in the <a href="errata.htm">Shorewall Errata</a>. </li>
|
|
|
|
|
|
<li>Iproute ("ip" utility). The iproute package is included with most
|
|
|
|
|
|
distributions but may not be installed by default. The official
|
|
|
|
|
|
download site is <a href="ftp://ftp.inr.ac.ru/ip-routing"
|
|
|
|
|
|
target="_blank"> <font face="Century Gothic, Arial, Helvetica">f</font>tp://ftp.inr.ac.ru/ip-routing</a>.
|
|
|
|
|
|
</li>
|
|
|
|
|
|
<li>A Bourne shell or derivative such as bash or ash. This shell must
|
|
|
|
|
|
have correct support for variable expansion formats ${<i>variable</i>%<i>pattern</i>
|
|
|
|
|
|
}, ${<i>variable</i>%%<i>pattern</i>}, ${<i>variable</i>#<i>pattern</i>
|
|
|
|
|
|
} and ${<i>variable</i>##<i>pattern</i>}.</li>
|
|
|
|
|
|
<li>Your shell must produce a sensible result when a number n (128
|
|
|
|
|
|
<= n <= 255) is left shifted by 24 bits. You can check this at a
|
|
|
|
|
|
shell prompt by:</li>
|
2003-07-22 00:06:18 +02:00
|
|
|
|
<ul>
|
2003-11-17 22:06:32 +01:00
|
|
|
|
<li>echo $((128 << 24))<br>
|
|
|
|
|
|
</li>
|
|
|
|
|
|
<li>The result must be either 2147483648 or -2147483648.<br>
|
|
|
|
|
|
</li>
|
2003-07-22 00:06:18 +02:00
|
|
|
|
</ul>
|
2003-11-17 22:06:32 +01:00
|
|
|
|
<li>The firewall monitoring display is greatly improved if you have
|
|
|
|
|
|
awk (gawk) installed.</li>
|
2002-08-22 23:33:54 +02:00
|
|
|
|
</ul>
|
2003-07-22 00:06:18 +02:00
|
|
|
|
<p align="left"><font size="2">Last updated 7/8/2003 - <a
|
2002-09-30 20:11:25 +02:00
|
|
|
|
href="support.htm">Tom Eastep</a></font></p>
|
|
|
|
|
|
<p align="left"><font face="Trebuchet MS"><a href="copyright.htm"> <font
|
2003-11-17 22:06:32 +01:00
|
|
|
|
size="2">Copyright</font> <20> <font size="2">2001, 2002, 2003 Thomas M.
|
|
|
|
|
|
Eastep.</font></a></font></p>
|
2002-08-22 23:33:54 +02:00
|
|
|
|
</body>
|
2002-09-30 20:11:25 +02:00
|
|
|
|
</html>
|
