Tom Eastep 2003-12-01 2001-2003 Thomas M Eastep Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled GNU Free Documentation License.

A kernel that supports netfilter. I've tested with 2.4.2 - 2.4.23. With current releases of Shorewall, Traffic Shaping/Control requires at least 2.4.18. Check here for kernel configuration information. If you are looking for a firewall for use with 2.2 kernels, see the Seattle Firewall site. iptables 1.2 or later but beware version 1.2.3 -- see the Errata. The buggy iptables version 1.2.3 is included in RedHat 7.2 and you should upgrade to iptables 1.2.4 prior to installing Shorewall. Version 1.2.4 is available from RedHat and in the Shorewall Errata. Iproute (ip utility). The iproute package is included with most distributions but may not be installed by default. The official download site is ftp://ftp.inr.ac.ru/ip-routing. A Bourne shell or derivative such as bash or ash. This shell must have correct support for variable expansion formats ${variable%pattern}, ${variable%%pattern}, ${variable#pattern} and ${variable##pattern}. Your shell must produce a sensible result when a number n (128 <= n <= 255) is left shifted by 24 bits. You can check this at a shell prompt by:echo $((128 << 24))The result must be either 2147483648 or -2147483648. The firewall monitoring display is greatly improved if you have awk (gawk) installed.