Getting Started with Shorewall

Tom Eastep

Copyright 2006, 2007 Thomas M. Eastep

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled GNU Free Documentation License.

Please read this short article first:

- Introduction to Shorewall

Next, read the QuickStart Guide that is appropriate for your configuration.

If you have only one public IP address:

- Standalone Linux System with a single network interface (Version Française) (Russian Version) (Version en Español)
- Two-interface Linux System acting as a firewall/router for a small local network (Version Française) (Russian Version)
- Three-interface Linux System acting as a firewall/router for a small local network and a DMZ (Version Française) (Russian Version)

If you have more than one public IP address:

- The Shorewall Setup Guide (Version Française) outlines the steps necessary to set up a firewall where there are multiple public IP addresses involved or if you want to learn more about Shorewall than is explained in the single-address guides above.

The following articles are also recommended reading for newcomers.

- Configuration File Basics
    - Man Pages
    - Using MAC Addresses in Shorewall
    - Comments in configuration files
    - Using Shell Variables
    - Attach Comment to Netfilter Rules
    - Using DNS Names
    - Line Continuation
    - Complementing an IP address or Subnet
    - INCLUDE Directive
    - IP Address Ranges
    - Port Numbers/Service Names
    - Shorewall Configurations (making a test configuration)
    - Port Ranges
- Operating Shorewall and Shorewall Lite contains a lot of useful operational hints.
- PPPPPPPS (or, Paul's Principles for Practical Provision of Packet Processing with Shorewall): http://linuxman.wikispaces.com/PPPPPPS