Tom Eastep
Copyright © 2001-2008 Thomas M. Eastep
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.
2008-10-05
Package Information
Finding Updates that Correct Known Problems
Download Sites
SVN
Before trying to install, I strongly urge you to read and print a copy of the Shorewall QuickStart Guide for the configuration that most closely matches your own.
The documentation in both XML and HTML formats is available for download from the Download Sites listed in the table below.
NOTICE: There are two current Shorewall Release Series:
The STABLE release series is 4.2. Choose this release if you value stability and good documentation.
The DEVELOPMENT release series is the 4.3 release candidates (found in the 'development' directory). Choose this release if you are very experienced user and you are willing to help test the code and report bugs. THIS VERSION IS EXPERIMENTAL AND IS NOT SUPPORTED.
For additional information, see this article about the Shorewall Release Model.
Beginning with Shorewall version 4.0.0 RC1, there are four related packages:
When RPM is used to install Shorewall, the compiler (shorewall-shell
and/or shorewall-perl) and shorewall-common must be installed in a
single execution of the
rpm utility.
Here are the installation instructions.
You probably don't want to install
both a
Shorewall compiler and Shorewall Lite on the same system. See the Shorewall Lite Documentation for
details.
Once you've printed the appropriate QuickStart Guide, download the appropriate modules:
Simon Matter provides RPMs tailored for Redhat and Fedora. You can download them from his site.
Fabio Longarai provides a package for OpenWRT (Open firmware for Linksys® WRT54G). You can download it from his site.
jMCg provides a package for Arch Linux. You can download it from the Arch Linux site.
If you run a SUSE, Linux PPC, Trustix or TurboLinux distribution with a 2.4 or 2.6 kernel, you can use the standard RPM version (note: the RPM should also work with other distributions that store init scripts in /etc/init.d and that include chkconfig or insserv). If you find that it works in other cases, let me know so that I can mention them here (Note: the standard RPM is known to work on Redhat, Fedora and Mandriva with issues ranging from trivial (Redhat and Fedora) to moderate (Mandriva)). See the Installation Instructions if you have problems installing the RPM.
If you run Debian and would like a .deb package, Shorewall is included in both the Debian Testing Branch and the Debian Unstable Branch. Additionally, packages for the current Debian stable release are available from the package maintainer's personal page.
If you run LEAF/Bering or one if it's
derivatives, you can download a .lrp file from the Leaf site.
From the LEAF Bering-uClibc Team: We try to provide the latest stable
version shortly after release, but we also want to do some internal
tests before making it available. So we may be behind sometimes. But
better be sure that the new version is running on LEAF, than being too
fast...
I know it's not obvious for newbies where to find the lrp on our pages.
shorewall.lrp is part of the packages page:
http://leaf.sourceforge.net/bering-uclibc/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=3&MMN_position=3:3
which itself links to cvs:
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/bin/bering-uclibc/packages/shorwall.lrp?rev=HEAD&content-type=application/octet-stream
Otherwise, download the shorewall module (.tgz)
You will probably also want to download the HTML version of the documentation for easy reference.
Beginning with Shorewall 2.2.0, you will find a file named known_problems.txt in the download directory. This file lists the known problems with that version of Shorewall. If corrections are available, they will be listed in the known problems and you can download them from the 'errata' subdirectory.
Example:
ftp> cd pub/shorewall/2.2/shorewall-2.2.0250 OK.
Current directory is /pub/shorewall/2.2/shorewall-2.2.0
ftp> ls
227 Entering Passive Mode (206,124,146,177,35,91)
150 Accepted data connection
drwxr-sr-x 3 0 0 4096 Feb 1 09:52 .
drwxr-sr-x 3 0 0 4096 Jan 28 14:28 ..
-rw-r--r-- 1 0 0 500 Jan 28 14:27 2.2.0.md5sums
drwxr-sr-x 2 0 0 4096 Feb 1 09:51 errata <=== (1)
-rw-r--r-- 1 0 0 156 Feb 1 09:52 known_problems.txt <=== (2)
-rw-r--r-- 1 0 0 16059 Jan 24 16:13 patch-2.2.0
-rwxr-xr-x 1 0 0 22963 Jan 24 16:10 releasenotes.txt
-rw-r--r-- 1 0 0 100232 Jan 25 15:58 shorewall-2.2.0-1.noarch.rpm
-rw-r--r-- 1 0 0 122161 Jan 25 15:58 shorewall-2.2.0.tgz
-rw-r--r-- 1 0 0 2534077 Jan 28 13:29 shorewall-docs-html-2.2.0.tgz
-rw-r--r-- 1 0 0 4481205 Jan 28 13:29 shorewall-docs-xml-2.2.0.tgz
-rw-r--r-- 1 0 0 93905 Jan 25 15:58 shorewall-lrp-2.2.0.tgz
226-Options: -a -l
226 13 matches total
ftp>
(1) Directory containing updates. For Shorewall
versions
prior to 2.4.0, the updates/LRP directory contains those updates that
apply
to the LRP package.
(2) List of known problems, workarounds and
updates..
Beginning with Shorewall 4.0.6, updated packages that include fixes to known problems may also be made available.
Example:
ftp> cd pub/shorewall/4.0/shorewall-4.0.6
250 OK. Current directory is /pub/shorewall/4.0/shorewall-4.0.6
ftp> ls
200 PORT command successful
150 Connecting to port 36018
drwxr-sr-x 4 1006 8 4096 Dec 1 08:16 .
drwxr-sr-x 9 1006 8 4096 Nov 23 08:22 ..
-rw-r--r-- 1 1006 8 194 Nov 24 07:38 4.0.6-2.md5sums
-rw-r--r-- 1 1006 8 218 Nov 24 07:38 4.0.6-2.sha1sums
-rw-r--r-- 1 1006 8 841 Nov 26 13:26 4.0.6.md5sums
-rw-r--r-- 1 1006 8 945 Nov 26 13:26 4.0.6.sha1sums
-rw-r--r-- 1 1006 8 322 Nov 26 08:35 README.txt
drwxr-xr-x 4 1006 8 4096 Nov 23 17:16 errata
drwxr-xr-x 4 1006 8 4096 Nov 23 08:21 base -rw-r--r-- 1 1006 8 1570 Dec 1 08:16 known_problems.txt -rw-r--r-- 1 1006 8 148363 Nov 23 08:22 patch-4.0.6 -rw-r--r-- 1 1006 8 5249 Nov 24 07:38 patch-4.0.6-2 ... -rw-r--r-- 1 1006 8 102295 Nov 24 07:38 shorewall-perl-4.0.6-2.noarch.rpm <=========
-rw-r--r-- 1 1006 8 99884 Nov 24 07:38 shorewall-perl-4.0.6-2.tar.bz2 <=========
-rw-r--r-- 1 1006 8 300 Nov 24 07:38 shorewall-perl-4.0.6-2.tar.bz2.asc <=========
-rw-r--r-- 1 1006 8 124814 Nov 24 07:38 shorewall-perl-4.0.6-2.tgz <=========
-rw-r--r-- 1 1006 8 300 Nov 24 07:38 shorewall-perl-4.0.6-2.tgz.asc <=========
-rw-r--r-- 1 1006 8 59124 Nov 23 08:22 shorewall-shell-4.0.6-1.noarch.rpm
-rw-r--r-- 1 1006 8 76500 Nov 23 08:22 shorewall-shell-4.0.6.tar.bz2
-rw-r--r-- 1 1006 8 300 Nov 23 08:22 shorewall-shell-4.0.6.tar.bz2.asc
-rw-r--r-- 1 1006 8 95193 Nov 23 08:22 shorewall-shell-4.0.6.tgz
-rw-r--r-- 1 1006 8 300 Nov 23 08:22 shorewall-shell-4.0.6.tgz.asc
drwxr-sr-x 2 1006 8 4096 Nov 26 08:33 superseded 226-Options: -a -l 226 41 matches total ftp
The lines flagged with <====== show that the Shorewall-perl package has been updated to include a bug fix (note the "-2" in the version). The base tarballs for the release are found in the base directory. The unified diff file name patch-4.0.6-2 may be applied to the base (4.0.6) Shorewall-perl release to produce 4.0.6-2. The original Shorewall-perl packages may be found in the superseded directory. Note that the fixes are still available in the errata directory; the known_problems.txt file indicates which problems are fixed in each updated package.
Use the sites below to download the
tarball, the documentation and the standard RPM
for
(SUSE, Power PPC, Trustix and TurboLinux).
Packages are GPG signed, please verify the integrity of the files
using our public key https://lists.shorewall.net/shorewall.gpg.key
SERVER LOCATION |
DOMAIN |
HTTP |
FTP |
Slovak Republic |
Shorewall.net |
||
Seattle, Washington, USA |
Shorewall.net |
||
Frankfurt/Main, Germany |
Shorewall.de |
N/A |
|
Shoreline, Wa, USA |
Shorewall.net |
||
Australia |
Shorewall.com.au |
N/A |
|
Argentina |
Shorewall.net |
N/A |
|
Chicago, Illinois, USA
(Incomplete) |
Sourceforge.net |
Browse | N/A |
Redhat and Fedora RPMS
provided
by Simon Matter: http://www.invoca.ch/pub/packages/shorewall/
Mandriva RPMS provided by Jack Coates: http://www.monkeynoodle.org/comp/net/shorewall/
Slackware packages created by JMedina. You can download them
from his
site.
OpenWRT package provided by Marc Zonzon: http://www.iut-lannion.fr/ZONZON/memos_index.php?part=Network§ion=WRTMemo&subsec=shorewall
Leaf/Bering package is available at http://leaf.sourceforge.net/bering-uclibc/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=3&MMN_position=3:3
The SVN Repository at Sourceforge is used as a safe-store for Shorewall releases.
You should download and use the latest SVN version only at your own risk -- please do not attempt to install Shorewall from the SVN components; you will end up with an incomplete and non-working installation.If you want to build your own packages from the SVN images, use the build script found in tools/build/buildshorewall.
If you are looking for bug fixes for the current release, see above.
The following SVN projects are currently active:
branches
This project contains sub-projects for each of the stable releases.
The current stable version is branch named x.y where x.y is the major version. Example: 3.4.
You can download it using the following commands:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/branches/x.y/Shorewall
Shorewall
This project contains the Shorewall code.
This project was renamed Shorewall-common in Shorewall 3.9.1.
Shorewall-common
Beginning with Shorewall 3.9.1, this project contains the code common to any Shorewall configuration. It contains no compiler.
'trunk' is the current development version.
You can download it using the following commands:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk/Shorewall-common
Shorewall-shell
Beginning with Shorewall 3.9.1, this project contains the legacy compiler written in Bourne shell. The current development version is in 'trunk.
You can download it using the following commands:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk/Shorewall-shell
Shorewall-perl
Beginning with Shorewall 3.9.0, this project contains the new compiler written in Perl. The current development version is in 'trunk'.
You can download it using the following commands:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk/Shorewall-perl
manpages
Beginning with Shorewall 3,4,0, this project contains the man pages for Shorewall. 'trunk' is the current development version.
You can download it using the following commands:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk/manpages
manpages-lite
Beginning with Shorewall 3.4.0, this project contains the man pages for Shorewall Lite. 'trunk' is the current development version.
You can download it using the following commands:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk/manpages-lite
docs
This project contains the Shorewall documenation.
trunk is the current development version.
You can always get the current documentation in XML Docbook format using the following command:
svn co https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk/docs
web
The project contains the part of this Web site not included in the "docs" project.
tools
This project includes the tools used by the Shorewall developers to build Shorewall releases and to publish content to the web sites.
Samples
This project contains the sample configurations.
Shorewall-lite
This project contains Shorewall Lite -- introduced in Shorewall version 3.2.0 RC1.