Shorewall 4.0 Manpages Tom Eastep 2007 Thomas M. Eastep Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled GNU Free Documentation License. These manpages are for Shorewall 4.0 only. They describe features and options not available on earlier releases. The docbook to manpage translation tool that we are using has some indentation issues which require us to choose between correct output of the man command and correctly-indented HTML. We've chosen in favor of the man command so some of the manpages accessed through the links below have indentation problems. We're working to resolve these issues and ask for your patience.
Section 5 — Files and Concepts accounting - Define IP accounting rules. actions - Declare user-defined actions. blacklist - Static blacklisting. ecn - Disabling Explicit Congestion Notification exclusion - Excluding hosts from a network or zone hosts - Define multiple zones accessed through a single interface interfaces - Define the interfaces on the system and optionally associate them with zones. maclist - Define MAC verification. masq - Define Masquerade/SNAT modules - Specify which kernel modules to load. nat - Define one-to-one NAT. nesting - How to define nested zones. netmap - How to map addresses from one net to another. params - Assign values to shell variables used in other files. policy - Define high-level policies for connections between zones. providers - Define routing tables, usually for mutliple internet links. proxyarp - Define Proxy ARP. rfc1918 - Specify address ranges affected by the interface option. route_rules - Define routing rules. routestopped - Specify connections to be permitted when Shorewall is in the stopped state. rules - Specify exceptions to policies, including DNAT and REDIRECT. tcclasses - Define htb classes for traffic shaping. tcdevices - Specify speed of devices for traffic shaping. tcrules - Define packet marking rules, usually for traffic shaping. tos - Define TOS field manipulation. tunnels - Define VPN connections with endpoints on the firewall. shorewall.conf - Specify values for global Shorewall options. shorewall-lite.conf - Specify values for global Shorewall Lite options. vardir - Redefine the directory where Shorewall keeps its state information. vardir-lite - Redefine the directory where Shorewall Lite keeps its state information. zones - Declare Shorewall zones.l
Section 8 — Administrative Commands shorewall - /sbin/shorewall command syntax and semantics. shorewall-lite - /sbin/shorewall-lite command syntax and semantics.