<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Language" content="en-us"> <meta name="GENERATOR" content="Microsoft FrontPage 5.0"> <meta name="ProgId" content="FrontPage.Editor.Document"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>Shorewall QuickStart Guide</title> <meta name="Microsoft Theme" content="none"> </head> <body> <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse;" width="100%" id="AutoNumber1" bgcolor="#3366ff" height="90"> <tbody> <tr> <td width="100%"> <h1 align="center"><font color="#ffffff">Shorewall QuickStart Guides (HOWTO's)<br> </font></h1> </td> </tr> </tbody> </table> <p align="center">With thanks to Richard who reminded me once again that we must all first walk before we can run.<br> The French Translations of the single-IP guides are courtesy of Patrice Vetsel<br> The French Translation of the Shorewall Setup Guide is courtesy of Fabien Demassieux.<br> </p> <h2>The Guides</h2> <p>These guides provide step-by-step instructions for configuring Shorewall in common firewall setups.</p> <p>If you have a <font color="#ff0000"><big><big><b>single public IP address</b></big></big></font>:</p> <blockquote> <ul> <li><a href="standalone.htm">Standalone</a> Linux System (<a href="standalone_fr.html">Version Fran�aise</a>)</li> <li><a href="two-interface.htm">Two-interface</a> Linux System acting as a firewall/router for a small local network (<a href="two-interface_fr.html">Version Fran�aise</a>)</li> <li><a href="three-interface.htm">Three-interface</a> Linux System acting as a firewall/router for a small local network and a DMZ. (<a href="three-interface_fr.html">Version Fran�aise</a>)</li> </ul> <p>The above guides are designed to get your first firewall up and running quickly in the three most common Shorewall configurations. If you want to learn more about Shorewall than is explained in the above simple guides, the <a href="shorewall_setup_guide.htm">Shorewall Setup Guide</a> (See Index Below) is for you.</p> </blockquote> <p>If you have <font color="#ff0000"><big><big><b>more than one public IP address</b></big></big></font>:<br> </p> <blockquote>The <a href="shorewall_setup_guide.htm">Shorewall Setup Guide</a> (See Index Below) outlines the steps necessary to set up a firewall where there are multiple public IP addresses involved or if you want to learn more about Shorewall than is explained in the single-address guides above (<a href="shorewall_setup_guide_fr.htm">Version Fran�aise</a>).</blockquote> <ul> </ul> <h2><b><a name="Documentation"></a></b>Documentation Index</h2> <p>The following documentation covers a variety of topics and <b>supplements the <a href="shorewall_quickstart_guide.htm">QuickStart Guides</a> described above</b>. Please review the appropriate guide before trying to use this documentation directly.</p> <ul> <li><a href="Accounting.html">Accounting</a><br> </li> <li><a href="Shorewall_and_Aliased_Interfaces.html">Aliased (virtual) Interfaces (e.g., eth0:0)</a><br> </li> <li><a href="blacklisting_support.htm">Blacklisting</a> <ul> <li>Static Blacklisting using /etc/shorewall/blacklist</li> <li>Dynamic Blacklisting using /sbin/shorewall</li> </ul> </li> <li><a href="starting_and_stopping_shorewall.htm">Commands</a> (Description of all /sbin/shorewall commands)</li> <li><a href="configuration_file_basics.htm">Common configuration file features</a> </li> <ul> <li><a href="configuration_file_basics.htm#Comments">Comments in configuration files</a></li> <li><a href="configuration_file_basics.htm#Continuation">Line Continuation</a></li> <li><a href="configuration_file_basics.htm#INCLUDE">INCLUDE Directive</a></li> <li><a href="configuration_file_basics.htm#Ports">Port Numbers/Service Names</a></li> <li><a href="configuration_file_basics.htm#Ranges">Port Ranges</a></li> <li><a href="configuration_file_basics.htm#Variables">Using Shell Variables</a></li> <li><a href="configuration_file_basics.htm#dnsnames">Using DNS Names</a></li> <li><a href="configuration_file_basics.htm#Compliment">Complementing an IP address or Subnet</a></li> <li><a href="configuration_file_basics.htm#Configs">Shorewall Configurations (making a test configuration)</a></li> <li><a href="configuration_file_basics.htm#MAC">Using MAC Addresses in Shorewall</a> </li> </ul> <li><a href="Documentation.htm">Configuration File Reference Manual</a> <ul> <li> <a href="Documentation.htm#Variables">params</a></li> <li><font color="#000099"><a href="Documentation.htm#Zones">zones</a></font></li> <li><font color="#000099"><a href="Documentation.htm#Interfaces">interfaces</a></font></li> <li><font color="#000099"><a href="Documentation.htm#Hosts">hosts</a></font></li> <li><font color="#000099"><a href="Documentation.htm#Policy">policy</a></font></li> <li><font color="#000099"><a href="Documentation.htm#Rules">rules</a></font></li> <li><a href="Documentation.htm#Common">common</a></li> <li><font color="#000099"><a href="Documentation.htm#Masq">masq</a></font></li> <li><font color="#000099"><a href="Documentation.htm#ProxyArp">proxyarp</a></font></li> <li><font color="#000099"><a href="Documentation.htm#NAT">nat</a></font></li> <li><font color="#000099"><a href="Documentation.htm#Tunnels">tunnels</a></font></li> <li><a href="traffic_shaping.htm#tcrules">tcrules</a></li> <li><font color="#000099"><a href="Documentation.htm#Conf">shorewall.conf</a></font></li> <li><a href="Documentation.htm#modules">modules</a></li> <li><a href="Documentation.htm#TOS">tos</a> </li> <li><a href="Documentation.htm#Blacklist">blacklist</a></li> <li><a href="Documentation.htm#rfc1918">rfc1918</a></li> <li><a href="Documentation.htm#Routestopped">routestopped</a></li> <li><a href="Accounting.html">accounting</a></li> <li><a href="UserSets.html">usersets and users</a><br> </li> </ul> </li> <li><a href="CorpNetwork.htm">Corporate Network Example</a> (Contributed by a Graeme Boyle)<br> </li> <li><a href="dhcp.htm">DHCP</a></li> <li><a href="ECN.html">ECN Disabling by host or subnet</a></li> <li><a href="errata.htm">Errata</a><br> </li> <li><font color="#000099"><a href="shorewall_extension_scripts.htm">Extension Scripts</a></font> (How to extend Shorewall without modifying Shorewall code through the use of files in /etc/shorewall -- /etc/shorewall/start, /etc/shorewall/stopped, etc.)</li> <li><a href="fallback.htm">Fallback/Uninstall</a></li> <li><a href="FAQ.htm">FAQs</a><br> </li> <li><a href="shorewall_features.htm">Features</a><br> </li> <li><a href="shorewall_firewall_structure.htm">Firewall Structure</a></li> <li><a href="FTP.html">FTP and Shorewall</a><br> </li> <li><a href="support.htm">Getting help or answers to questions</a></li> <li>Greater Seattle Linux Users Group Presentation</li> <ul> <li><a href="GSLUG.htm">HTML</a></li> <li><a href="GSLUG.ppt">PowerPoint</a></li> </ul> <li><a href="Install.htm">Installation/Upgrade</a><br> </li> <li><font color="#000099"><a href="kernel.htm">Kernel Configuration</a></font></li> <li><a href="shorewall_logging.html">Logging</a><br> </li> <li><a href="MAC_Validation.html">MAC Verification</a></li> <li><a href="http://lists.shorewall.net">Mailing Lists</a><br> </li> <li><a href="myfiles.htm">My Shorewall Configuration (How I personally use Shorewall)</a></li> <li><a href="starting_and_stopping_shorewall.htm">Operating Shorewall</a><br> </li> <li><a href="ping.html">'Ping' Management</a><br> </li> <li><a href="ports.htm">Port Information</a> <ul> <li>Which applications use which ports</li> <li>Ports used by Trojans</li> </ul> </li> <li><a href="ProxyARP.htm">Proxy ARP</a></li> <li><a href="shorewall_prerequisites.htm">Requirements</a><br> </li> <li><a href="samba.htm">Samba</a></li> <li><a href="shorewall_setup_guide.htm">Shorewall Setup Guide</a><br> </li> <ul> <li><a href="shorewall_setup_guide.htm#Introduction">1.0 Introduction</a></li> <li><a href="shorewall_setup_guide.htm#Concepts">2.0 Shorewall Concepts</a></li> <li><a href="shorewall_setup_guide.htm#Interfaces">3.0 Network Interfaces</a></li> <li><a href="shorewall_setup_guide.htm#Addressing">4.0 Addressing, Subnets and Routing</a> <ul> <li><a href="shorewall_setup_guide.htm#Addresses">4.1 IP Addresses</a></li> <li><a href="shorewall_setup_guide.htm#Subnets">4.2 Subnets</a></li> <li><a href="shorewall_setup_guide.htm#Routing">4.3 Routing</a></li> <li><a href="shorewall_setup_guide.htm#ARP">4.4 Address Resolution Protocol (ARP)</a></li> </ul> <ul> <li><a href="shorewall_setup_guide.htm#RFC1918">4.5 RFC 1918</a></li> </ul> </li> <li><a href="shorewall_setup_guide.htm#Options">5.0 Setting up your Network</a> <ul> <li><a href="shorewall_setup_guide.htm#Routed">5.1 Routed</a></li> </ul> <ul> <li><a href="shorewall_setup_guide.htm#NonRouted">5.2 Non-routed</a> <ul> <li><a href="shorewall_setup_guide.htm#SNAT">5.2.1 SNAT</a></li> <li><a href="shorewall_setup_guide.htm#DNAT">5.2.2 DNAT</a></li> <li><a href="shorewall_setup_guide.htm#ProxyARP">5.2.3 Proxy ARP</a></li> <li><a href="shorewall_setup_guide.htm#NAT">5.2.4 Static NAT</a></li> </ul> </li> <li><a href="shorewall_setup_guide.htm#Rules">5.3 Rules</a></li> <li><a href="shorewall_setup_guide.htm#OddsAndEnds">5.4 Odds and Ends</a></li> </ul> </li> <li><a href="shorewall_setup_guide.htm#DNS">6.0 DNS</a></li> <li><a href="shorewall_setup_guide.htm#StartingAndStopping">7.0 Starting and Stopping the Firewall</a></li> </ul> <li><font color="#000099"><a href="starting_and_stopping_shorewall.htm">Starting/stopping the Firewall</a></font></li> <ul> <li>Description of all /sbin/shorewall commands</li> <li>How to safely test a Shorewall configuration change<br> </li> </ul> <li><font color="#000099"><a href="NAT.htm">Static NAT</a></font></li> <li><a href="Shorewall_Squid_Usage.html">Squid as a Transparent Proxy with Shorewall</a></li> <li><a href="Accounting.html">Traffic Accounting</a><br> </li> <li><a href="traffic_shaping.htm">Traffic Shaping/QOS</a></li> <li><a href="troubleshoot.htm">Troubleshooting (Things to try if it doesn't work)</a></li> <li><a href="UserSets.html">UID/GID Based Rules</a><br> </li> <li><a href="upgrade_issues.htm">Upgrade Issues</a><br> </li> <li>VPN <ul> <li><a href="IPSEC.htm">IPSEC</a></li> <li><a href="IPIP.htm">GRE and IPIP</a></li> <li><a href="OPENVPN.html">OpenVPN</a><br> </li> <li><a href="PPTP.htm">PPTP</a></li> <li><a href="6to4.htm">6t04</a><br> </li> <li><a href="VPN.htm">IPSEC/PPTP</a> from a system behind your firewall to a remote network.</li> <li><a href="GenericTunnels.html">Other VPN types</a>.<br> </li> </ul> </li> <li><a href="whitelisting_under_shorewall.htm">White List Creation</a></li> </ul> <p>If you use one of these guides and have a suggestion for improvement <a href="mailto:webmaster@shorewall.net">please let me know</a>.</p> <p><font size="2">Last modified 9/23/2003 - <a href="support.htm">Tom Eastep</a></font></p> <p><a href="copyright.htm"><font size="2">Copyright 2002, 2003 Thomas M. Eastep</font></a><br> </p> <br> </body> </html>