<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
<article>
  <!--$Id$-->

  <articleinfo>
    <title>Getting Started with Shorewall</title>

    <authorgroup>
      <author>
        <firstname>Tom</firstname>

        <surname>Eastep</surname>
      </author>
    </authorgroup>

    <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>

    <copyright>
      <year>2006</year>

      <year>2007</year>

      <year>2010</year>

      <year>2011</year>

      <holder>Thomas M. Eastep</holder>
    </copyright>

    <legalnotice>
      <para>Permission is granted to copy, distribute and/or modify this
      document under the terms of the GNU Free Documentation License, Version
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
      Texts. A copy of the license is included in the section entitled
      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation
      License</ulink></quote>.</para>
    </legalnotice>
  </articleinfo>

  <caution>
    <para><emphasis role="bold">Do not attempt to install Shorewall on a
    remote system. You are virtually assured to lock yourself
    out.</emphasis></para>
  </caution>

  <para>Please read this short article first.</para>

  <itemizedlist>
    <listitem>
      <para><ulink url="Introduction.html">Introduction to
      Shorewall</ulink></para>
    </listitem>
  </itemizedlist>

  <para>Now, <ulink url="Install.htm">install Shorewall</ulink>.</para>

  <para>Next, read the QuickStart Guide that is appropriate for your
  configuration:</para>

  <para><emphasis role="bold">If you just want to protect a system: (Requires
  Shorewall 4.4.12-Beta3 or later)</emphasis></para>

  <itemizedlist>
    <listitem>
      <para><ulink url="Universal.html">Universal</ulink> configuration --
      requires no configuration to protect a single system.</para>
    </listitem>
  </itemizedlist>

  <para><emphasis role="bold">If you have only one public IP
  address:</emphasis></para>

  <itemizedlist>
    <listitem>
      <para><ulink url="standalone.htm">Standalone</ulink> Linux System with a
      single network interface (if you are running Shorewall 4.4.12 Beta 3 or
      later, use the <ulink url="Universal.html">Universal</ulink>
      configuration instead).</para>
    </listitem>

    <listitem>
      <para><ulink url="two-interface.htm">Two-interface</ulink> Linux System
      acting as a firewall/router for a small local network</para>
    </listitem>

    <listitem>
      <para><ulink url="three-interface.htm">Three-interface</ulink> Linux
      System acting as a firewall/router for a small local network and a
      DMZ.</para>
    </listitem>
  </itemizedlist>

  <para><emphasis role="bold">If you have more than one public IP
  address:</emphasis></para>

  <itemizedlist>
    <listitem>
      <para>The <ulink url="shorewall_setup_guide.htm">Shorewall Setup
      Guide</ulink> outlines the steps necessary to set up a firewall where
      there are multiple public IP addresses involved or if you want to learn
      more about Shorewall than is explained in the single-address guides
      above.</para>
    </listitem>
  </itemizedlist>

  <para>The following articles are also recommended reading for
  newcomers.</para>

  <itemizedlist>
    <listitem>
      <para><ulink url="configuration_file_basics.htm">Configuration File
      Basics</ulink><blockquote>
          <para><informaltable frame="none">
              <tgroup cols="2">
                <tbody valign="middle">
                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#Manpages">Man
                    Pages</ulink></entry>

                    <entry><ulink
                    url="configuration_file_basics.htm#MAC">Using MAC
                    Addresses in Shorewall</ulink></entry>
                  </row>

                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#Comments">Comments in
                    configuration files</ulink></entry>

                    <entry><ulink
                    url="configuration_file_basics.htm#Variables">Using Shell
                    Variables</ulink></entry>
                  </row>

                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#COMMENT">Attach Comment
                    to Netfilter Rules</ulink></entry>

                    <entry><ulink
                    url="configuration_file_basics.htm#dnsnames">Using DNS
                    Names</ulink></entry>
                  </row>

                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#Continuation">Line
                    Continuation</ulink></entry>

                    <entry><ulink
                    url="configuration_file_basics.htm#Compliment">Complementing
                    an IP address or Subnet</ulink></entry>
                  </row>

                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#INCLUDE">INCLUDE
                    Directive</ulink></entry>

                    <entry><ulink
                    url="configuration_file_basics.htm#IPRanges">IP Address
                    Ranges</ulink></entry>
                  </row>

                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#Ports">Port
                    Numbers/Service Names</ulink></entry>

                    <entry><ulink
                    url="configuration_file_basics.htm#Levels">Shorewall
                    Configurations (making a test
                    configuration)</ulink></entry>
                  </row>

                  <row>
                    <entry><ulink
                    url="configuration_file_basics.htm#Ranges">Port
                    Ranges</ulink></entry>

                    <entry></entry>
                  </row>
                </tbody>
              </tgroup>
            </informaltable></para>
        </blockquote></para>
    </listitem>

    <listitem>
      <para><ulink url="starting_and_stopping_shorewall.htm">Operating
      Shorewall and Shorewall Lite</ulink> contains a lot of useful
      operational hints.</para>
    </listitem>

    <listitem>
      <para>PPPPPPPS ( or, Paul's Principles for Practical Provision of Packet
      Processing with Shorewall ) <ulink
      url="http://linuxman.wikispaces.com/PPPPPPS">http://linuxman.wikispaces.com/PPPPPPS</ulink></para>
    </listitem>
  </itemizedlist>
</article>