Shorewall 3.x Documentation
Tom
Eastep
2001-2006
Thomas M. Eastep
Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version
1.2 or any later version published by the Free Software Foundation; with
no Invariant Sections, with no Front-Cover, and with no Back-Cover
Texts. A copy of the license is included in the section entitled
GNU Free Documentation
License
.
Getting Started
If you are new to Shorewall, please read these two articles
first.
Introduction to
Shorewall
QuickStart Guides
(HOWTOs)
The following article is also recommended reading for
newcomers.
Configuration File
Basics
Comments in
configuration files
Using Shell
Variables
Attach Comment
to Netfilter Rules
Using DNS
Names
Line
Continuation
Complementing
an IP address or Subnet
INCLUDE
Directive
IP Address
Ranges
Port
Numbers/Service Names
Shorewall
Configurations (making a test
configuration)
Port
Ranges
Using MAC
Addresses in Shorewall
Index to the Articles
The remainder of the Documentation supplements the QuickStart
Guides. Please review the appropriate guide before trying to use this
documentation directly.
Alphabetical Index
2.6 Kernel
Ipsets
Samba
Accounting
Kazaa
Filtering
Shorewall
Lite
Actions
Kernel
Configuration
Shorewall Setup
Guide
Aliased
(virtual) Interfaces (e.g., eth0:0)
Limiting per-IPaddress
Connection Rate
SMB
Bandwidth
Control
Logging
Squid with
Shorewall
Blacklisting
Macros
Starting/stopping the
Firewall
Bridging - Bridge/Firewall
(control traffic through the bridge)
MAC
Verification
Static (one-to-one)
NAT
Bridging - Simple Bridge
(don't need to control traffic through the bridge)
Multiple Internet Connections
from a Single Firewall
Support
Commands
Multiple Zones Through One
Interface
Traffic
Accounting
Compiled Firewall
Programs (Shorewall 3.1 and later)
My Shorewall
Configuration
Traffic
Shaping/QOS
Configuration File Reference
Manual
Netfilter
Overview
Troubleshooting
Corporate Network
Example
Network Mapping
UPnP
DHCP
One-to-one NAT (Static
NAT)
Upgrade
Issues
ECN Disabling by host or
subnet
OpenVPN
VPN
Error
Messages
Operating
Shorewall
White List
Creation
Extension
Scripts (User Exits)
Packet
Marking
Xen - Shorewall in a Bridged Xen
DomU
Fallback/Uninstall
Packet Processing in a
Shorewall-based Firewall
Xen - Shorewall in Bridged Xen
Dom0
FAQs
'Ping' Management
Xen - Shorewall in Routed
Xen Dom0
Features
Port Information
Forwarding Traffic on the
Same Interface
Port Knocking and Other Uses
of the 'Recent Match'
FTP and Shorewall
PPTP
Getting help or answers to
questions
Proxy ARP
Installation/Upgrade
Release
Model
IPP2P
Requirements
IPSEC
Routing and
Shorewall
IPSEC using Kernel 2.6 and
Shorewall 2.1 or Later
Routing on One
Interface