Copyright © 2006, 2007 Thomas M. Eastep
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.
Please read this short article first.
Next, read the QuickStart Guide that is appropriate for your configuration:
If you have only one public IP address:
If you have more than one public IP address:
The following articles are also recommended reading for newcomers.
Man Pages Using MAC Addresses in Shorewall Comments in configuration files Using Shell Variables Attach Comment to Netfilter Rules Using DNS Names Line Continuation Complementing an IP address or Subnet INCLUDE Directive IP Address Ranges Port Numbers/Service Names Shorewall Configurations (making a test configuration) Port Ranges
Operating Shorewall and Shorewall Lite contains a lot of useful operational hints.
PPPPPPPS ( or, Paul's Principles for Practical Provision of Packet Processing with Shorewall ) http://linuxman.wikispaces.com/PPPPPPS