Shorewall 3.x Documentation
Tom
Eastep
2001-2006
Thomas M. Eastep
Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version
1.2 or any later version published by the Free Software Foundation; with
no Invariant Sections, with no Front-Cover, and with no Back-Cover
Texts. A copy of the license is included in the section entitled
GNU Free Documentation
License
.
Getting Started
If you are new to Shorewall, please read these two articles
first.
Introduction to
Shorewall
QuickStart Guides
(HOWTOs)
The following article is also recommended reading for
newcomers.
Configuration File
Basics
Comments in
configuration files
Using
Shell Variables
Attach
Comment to Netfilter Rules
Using DNS
Names
Line
Continuation
Complementing
an IP address or Subnet
INCLUDE
Directive
IP Address
Ranges
Port
Numbers/Service Names
Shorewall
Configurations (making a test
configuration)
Port
Ranges
Using MAC
Addresses in Shorewall
Index to the Articles
The remainder of the Documentation supplements the QuickStart
Guides. Please review the appropriate guide before trying to use this
documentation directly.
2.6 Kernel
IPSEC using Kernel 2.6 and
Shorewall 2.1 or Later
Routing on One
Interface
Accounting
Ipsets
Samba
Actions
Kazaa
Filtering
Scalability and
Performance
Aliased
(virtual) Interfaces (e.g., eth0:0)
Kernel
Configuration
Shorewall
Lite
Bandwidth
Control
Limiting per-IPaddress
Connection Rate
Shorewall
Modularization
Blacklisting
Logging
Shorewall Setup
Guide
Bridge: With physdev match
support
Macros
SMB
Bridge: Without physdev match
support
MAC
Verification
Squid with
Shorewall
Bridge: No control of
traffic through the bridge
Multiple Internet Connections
from a Single Firewall
Starting/stopping the
Firewall
Commands
Multiple Zones Through One
Interface
Static (one-to-one)
NAT
Compiled Firewall
Programs
My Shorewall
Configuration
Support
Configuration File Reference
Manual
Netfilter
Overview
Traffic
Accounting
Corporate Network
Example
Network Mapping
Traffic
Shaping/QOS
DHCP
One-to-one NAT (Static
NAT)
Troubleshooting
ECN Disabling by host or
subnet
OpenVPN
UPnP
Error
Messages
Operating
Shorewall
Upgrade
Issues
Extension
Scripts (User Exits)
Packet
Marking
VPN
Fallback/Uninstall
Packet Processing in a
Shorewall-based Firewall
White List
Creation
FAQs
'Ping' Management
Xen - Shorewall in a Bridged Xen
DomU
Features
Port Information
Xen - Shorewall in Bridged Xen
Dom0
Forwarding Traffic on the
Same Interface
Port Knocking and Other Uses
of the 'Recent Match'
Xen - Shorewall in Routed
Xen Dom0
FTP and Shorewall
PPTP
Getting help or answers to
questions
Proxy ARP
Installation/Upgrade
Release
Model
IPP2P
Requirements
IPSEC
Routing and
Shorewall