Copyright © 2003, 2004, 2005 Thomas M. Eastep
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.
2007/07/19
Shorewall is compatible with the Linux 2.6 kernel series and contains support for the following features that are added in that series:
NETMAP Target Support.
Bridge/Firewall Support (physdev match support).
CLASSIFY Target Support.
The 2.6 Linux kernel introduces a new implementation of IPSEC which
eliminates the ipsecN
device
names. Netfilter/iptables support for this new implementation is
incomplete unless your kernel has been patched. For unpatched kernels, see
the Shorewall IPSEC documentation
(Shorewall support for IPSEC with unpatched 2.6 kernels is very limited).
For patched 2.6 kernels (including those supplied with
SUSE™ 9.2) see the Kernel 2.6 IPSEC documentation.