<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
<article>
<!--$Id: template.xml 5908 2007-04-12 23:04:36Z teastep $-->
<articleinfo>
<title>Shorewall 5.* Manpages</title>
<authorgroup>
<author>
<firstname>Tom</firstname>
<surname>Eastep</surname>
</author>
</authorgroup>
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
<copyright>
<year>2007-2019</year>
<holder>Thomas M. Eastep</holder>
</copyright>
<legalnotice>
<para>Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version
1.2 or any later version published by the Free Software Foundation; with
no Invariant Sections, with no Front-Cover, and with no Back-Cover
Texts. A copy of the license is included in the section entitled
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
License</ulink></quote>.</para>
</legalnotice>
</articleinfo>
<warning>
<para>These manpages are for Shorewall 5.0 and later only. They describe
features and options not available on earlier releases. The manpages for
Shorewall 4.4-4.6 are available<ulink url="/manpages4/Manpages.html">
here</ulink>.</para>
</warning>
<section id="Section5">
<title>Section 5 — Files and Concepts</title>
<blockquote>
<simplelist>
<member><ulink
url="manpages/shorewall-accounting.html">accounting</ulink> - Define
IP accounting rules.</member>
<member><ulink url="manpages/shorewall-actions.html">actions</ulink> -
Declare user-defined actions.</member>
<member><ulink
url="/manpages/shorewall-addresses.html">addresses</ulink> - Describes
how IP address and ports are specified in Shorewall</member>
<member><ulink url="manpages/shorewall-arprules.html">arprules</ulink>
- (Added in Shorewall 4.5.12) Define arpfilter rules.</member>
<member><ulink url="manpages/shorewall-blrules.html">blrules</ulink> -
shorewall Blacklist file.</member>
<member><ulink
url="manpages/shorewall-conntrack.html">conntrack</ulink> - Specify
helpers for connections or exempt certain traffic from netfilter
connection tracking.</member>
<member><ulink url="manpages/shorewall-ecn.html">ecn</ulink> -
Disabling Explicit Congestion Notification</member>
<member><ulink
url="manpages/shorewall-exclusion.html">exclusion</ulink> - Excluding
hosts from a network or zone</member>
<member><ulink url="/manpages/shorewall-files.html">files</ulink> -
Describes the shorewall configuration files</member>
<member><ulink url="manpages/shorewall-hosts.html">hosts</ulink> -
Define multiple zones accessed through a single interface</member>
<member><ulink
url="manpages/shorewall-interfaces.html">interfaces</ulink> - Define
the interfaces on the system and optionally associate them with
zones.</member>
<member><ulink url="manpages/shorewall-ipsets.html">ipsets</ulink> -
Describes how to specify set names in Shorewall configuration
files.</member>
<member><ulink url="manpages/shorewall-logging.html">logging</ulink> -
Provides an overview of Shorewall packet logging facilities</member>
<member><ulink url="manpages/shorewall-maclist.html">maclist</ulink> -
Define MAC verification.</member>
<member><ulink url="manpages/shorewall-mangle.html">mangle</ulink> -
Supersedes tcrules and describes packet/connection marking.</member>
<member><ulink url="manpages/shorewall-masq.html">masq</ulink> -
Define Masquerade/SNAT (deprecated)</member>
<member><ulink url="manpages/shorewall-modules.html">modules</ulink> -
Specify which kernel modules to load (Removed in Shorewall
5.2.3)</member>
<member><ulink url="/manpages/shorewall-names.html">names</ulink> -
Describes object naming in Shorewall configuration files</member>
<member><ulink url="manpages/shorewall-nat.html">nat</ulink> - Define
one-to-one NAT.</member>
<member><ulink url="manpages/shorewall-nesting.html">nesting</ulink> -
How to define nested zones.</member>
<member><ulink url="manpages/shorewall-netmap.html">netmap</ulink> -
How to map addresses from one net to another.</member>
<member><ulink url="manpages/shorewall-params.html">params</ulink> -
Assign values to shell variables used in other files.</member>
<member><ulink url="manpages/shorewall-policy.html">policy</ulink> -
Define high-level policies for connections between zones.</member>
<member><ulink
url="manpages/shorewall-providers.html">providers</ulink> - Define
routing tables, usually for multiple Internet links.</member>
<member><ulink url="manpages/shorewall-proxyarp.html">proxyarp</ulink>
- Define Proxy ARP (IPv4)</member>
<member><ulink url="manpages/shorewall-proxyndp.html">proxyndp</ulink>
- Define Proxy NDP (IPv6)</member>
<member><ulink url="manpages/shorewall-rtrules.html">rtrules</ulink> -
Define routing rules.</member>
<member><ulink url="manpages/shorewall-routes.html">routes</ulink> -
(Added in Shorewall 4.4.15) Add additional routes to provider routing
tables.</member>
<member><ulink url="manpages/shorewall-rules.html">rules</ulink> -
Specify exceptions to policies, including DNAT and REDIRECT.</member>
<member><ulink url="manpages/shorewall-secmarks.html">secmarks</ulink>
- Attach an SELinux context to a packet.</member>
<member><ulink url="manpages/shorewall-snat.html">snat</ulink> -
Define Masquerade/SNAT</member>
<member><ulink
url="manpages/shorewall-tcclasses.html">tcclasses</ulink> - Define htb
classes for traffic shaping.</member>
<member><ulink
url="manpages/shorewall-tcdevices.html">tcdevices</ulink> - Specify
speed of devices for traffic shaping.</member>
<member><ulink
url="manpages/shorewall-tcfilters.html">tcfilters</ulink> - Classify
traffic for shaping; often used with an IFB to shape ingress
traffic.</member>
<member><ulink
url="manpages/shorewall-tcinterfaces.html">tcinterfaces</ulink> -
Specify devices for simplified traffic shaping.</member>
<member><ulink url="manpages/shorewall-tcpri.html">tcpri</ulink> -
Classify traffic for simplified traffic shaping.</member>
<member><ulink url="manpages/shorewall-tunnels.html">tunnels</ulink> -
Define VPN connections with endpoints on the firewall.</member>
<member><ulink
url="manpages/shorewall.conf.html">shorewall.conf</ulink> - Specify
values for global Shorewall options.</member>
<member><ulink
url="manpages/shorewall.conf.html">shorewall6.conf</ulink> - Specify
values for global Shorewall6 options.</member>
<member><ulink
url="manpages/shorewall-lite.conf.html">shorewall-lite.conf</ulink> -
Specify values for global Shorewall Lite options.</member>
<member><ulink
url="manpages6/shorewall6-lite.conf.html">shorewall6-lite.conf</ulink>
- Specify values for global Shorewall6 Lite options.</member>
<member><ulink url="manpages/shorewall-vardir.html">vardir</ulink> -
Redefine the directory where Shorewall keeps its state
information.</member>
<member><ulink
url="manpages/shorewall-lite-vardir.html">vardir-lite</ulink> -
Redefine the directory where Shorewall Lite keeps its state
information.</member>
<member><ulink url="manpages/shorewall-zones.html">zones</ulink> -
Declare Shorewall zones.</member>
</simplelist>
</blockquote>
</section>
<section id="Section8">
<title>Section 8 — Administrative Commands</title>
<blockquote>
<simplelist>
<member><ulink url="manpages/shorewall.html">shorewall</ulink> -
/sbin/shorewall, /sbin/shorewall6/, /sbin/shorewall-lite and
/sbin/shorewall6-lite command syntax and semantics.</member>
</simplelist>
</blockquote>
</section>
</article>