Shorewall 2.* Documentation

Tom Eastep

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.



The complete Shorewall Documentation is available for download in both Docbook XML and HTML formats.

Frequently asked questions:

If you are new to Shorewall, please read these two articles first.

The following article is also recommended reading for newcomers.

The remainder of the Documentation supplements the QuickStart Guides. Please review the appropriate guide before trying to use this documentation directly.

  1. 2.6 Kernel

  2. Accounting

  3. Actions

  4. Aliased (virtual) Interfaces (e.g., eth0:0)

  5. Bandwidth Control

  6. Blacklisting

    • Static Blacklisting using /etc/shorewall/blacklist

    • Dynamic Blacklisting using /sbin/shorewall

  7. Bridging

  8. Commands (Description of all /sbin/shorewall commands)

  9. Configuration File Reference Manual

  10. Corporate Network Example (Contributed by Graeme Boyle)

  11. DHCP

  12. ECN Disabling by host or subnet

  13. Errata

  14. Error Messages

  15. Extension Scripts (How to extend Shorewall without modifying Shorewall code through the use of files in /etc/shorewall -- /etc/shorewall/start, /etc/shorewall/stopped, etc.)

  16. Fallback/Uninstall

  17. FAQs

  18. Features

  19. Forwarding Traffic on the Same Interface

  20. FTP and Shorewall

  21. Getting help or answers to questions

  22. Installation/Upgrade

  23. IPP2P

  24. IPSEC

  25. IPSEC using Kernel 2.6 and Shorewall 2.1 or Later.

  26. Ipsets

  27. Kazaa Filtering

  28. Kernel Configuration

  29. Logging

  30. MAC Verification

  31. Multiple Zones Through One Interface

  32. My Shorewall Configuration (How I personally use Shorewall)

  33. Netfilter Overview

  34. Network Mapping

  35. One-to-one NAT (Static NAT)

  36. OpenVPN

  37. Operating Shorewall

  38. Packet Processing in a Shorewall-based Firewall

  39. 'Ping' Management

  40. Port Information

    • Which applications use which ports

    • Ports used by Trojans

  41. Port Knocking

  42. PPTP

  43. Proxy ARP

  44. Release Model

  45. Requirements

  46. Routing and Shorewall

  47. Routing on One Interface

  48. Samba

  49. Shorewall Setup Guide

  50. SMB

  51. Starting/stopping the Firewall

    • Description of all /sbin/shorewall commands

    • How to safely test a Shorewall configuration change

  52. Squid with Shorewall

  53. Static (one-to-one) NAT

  54. Traffic Accounting

  55. Traffic Shaping/QOS

  56. Troubleshooting (Things to try if it doesn't work)

  57. UID/GID Based Rules

  58. UPnP

  59. Upgrade Issues

  60. VPN

  61. White List Creation