<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd"> <article> <!--$Id$--> <articleinfo> <title>Shorewall on a Laptop</title> <authorgroup> <author> <firstname>Tom</firstname> <surname>Eastep</surname> </author> </authorgroup> <pubdate><?dbtimestamp format="Y/m/d"?></pubdate> <copyright> <year>2009</year> <holder>Thomas M. Eastep</holder> </copyright> <legalnotice> <para>Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para> </legalnotice> </articleinfo> <section> <title>Overview</title> <para>Laptop computers generally have several network interfaces, one of which will be used at a time.</para> <orderedlist> <listitem> <para>Ethernet interface ‒ Used when the computer is on the desktop at home or at work.</para> </listitem> <listitem> <para>Wireless interface ‒ Used when the laptop is being used in a cafe, train or airline terminal.</para> </listitem> <listitem> <para>Point-to-point (PPP) interface ‒ Used when neither wired nor wireless service are available.</para> </listitem> </orderedlist> <para>Shorewall can be configured to treat these interfaces the same and to be able to switch between them without having to reconfigure.</para> </section> <section> <title>Configuration</title> <para>The key to configuring Shorewall on a laptop is to define multiple optional interfaces for the 'net' zone in <filename>/etc/shorewall/interfaces</filename>.</para> <programlisting>#ZONE INTERFACE OPTIONS net eth0 optional,… net wlan0 optional,… net ppp0 optional,…</programlisting> <para>With this configuration, access to the 'net' zone is possible regardless of which of the interfaces is being used.</para> </section> </article>