Shorewall Download

2014-02-13


Contents

Package Information
Distribution-specific Download Sites
Standard Download Sites
Finding Updates that Correct Known Problems

Package Information

Before trying to install, we strongly urge you to read and print a copy of the Shorewall QuickStart Guide for the configuration that most closely matches your own.

The documentation in both XML and HTML formats is available for download from the Download Sites listed below.

NOTICE: There are three current Shorewall Release Series:

For additional information, see this article about the Shorewall Release Model.

In Shorewall version 4.5.*, the common Shell libraries have been segregated into a separate Shorewall-core package. With Shorewall 4.5 onward, there are six packages:

In Shorewall version 4.4.*, the Shorewall-common, Shorewall-shell and Shorewall-perl packages are discontinued and replaced with a single Shorewall package which combines the functions of Shorewall-common and Shorewall-perl. The shell-based compiler is retired. With Shorewall 4.4, there are five packages:

In Shorewall version 4.2.*, there are six packages:

To summarize:

Here are the installation instructions.

Distribution-specific Download Sites

Once you've printed the appropriate QuickStart Guide, download the appropriate Packages:

You will probably also want to download the HTML version of the documentation for easy reference.

Standard Download Sites

Use the sites below to download the tarball, the documentation and the standard RPM for (SUSE, Power PPC, Trustix and TurboLinux).

Packages are GPG signed, please verify the integrity of the files using our public key https://lists.shorewall.net/shorewall.gpg.key

Note that each of the tarballs are available in both tgz and tar.bz2 compression format.

SERVER LOCATION DOMAIN HTTP FTP
Seattle, Washington, USA Shorewall.net Browse Browse
Baltimore, Maryland, USA Shorewall.net Browse Browse
Bratislava, Slovakia Shorewall.net Browse Browse
Espoo, Finland Shorewall.fi Browse Browse
Frankfurt/Main, Germany Shorewall.de Browse N/A
Moscow, Russia Shorewall.ru Browse Browse
Norway Shorewall.no Browse Browse
Shoreline, Wa, USA Shorewall.net Browse Browse
Paris, France Shorewall.net Browse Browse
Australia Shorewall.com.au Browse N/A
Reading, England Shorewall.net N/A Browse
Montreal, Quebec, Canada Shorewall.net Browse Browse
Chicago, Illinois, USA (Incomplete) Sourceforge.net Browse N/A

Finding Updates that Correct Known Problems

Beginning with Shorewall 4.0.6, updated packages that include fixes to known problems are made available.

Example:

ftp> cd pub/shorewall/4.0/shorewall-4.0.6
250 OK. Current directory is /pub/shorewall/4.0/shorewall-4.0.6
ftp> ls
200 PORT command successful
150 Connecting to port 36018
drwxr-sr-x    4 1006     8            4096 Dec  1 08:16 .
drwxr-sr-x    9 1006     8            4096 Nov 23 08:22 ..
-rw-r--r--    1 1006     8             194 Nov 24 07:38 4.0.6-2.md5sums
-rw-r--r--    1 1006     8             218 Nov 24 07:38 4.0.6-2.sha1sums
-rw-r--r--    1 1006     8             841 Nov 26 13:26 4.0.6.md5sums
-rw-r--r--    1 1006     8             945 Nov 26 13:26 4.0.6.sha1sums
-rw-r--r--    1 1006     8             322 Nov 26 08:35 README.txt
drwxr-xr-x    4 1006     8            4096 Nov 23 08:21 base
-rw-r--r--    1 1006     8            1570 Dec  1 08:16 known_problems.txt
-rw-r--r--    1 1006     8          148363 Nov 23 08:22 patch-4.0.6
-rw-r--r--    1 1006     8            4238 Nov 24 16:49 patch-perl-4.0.6.1
-rw-r--r--    1 1006     8            5249 Nov 29 07:38 patch-perl-4.0.6.2
...

-rw-r--r--    1 1006     8          102295 Nov 24 07:38 shorewall-perl-4.0.6-2.noarch.rpm   <=========
-rw-r--r--    1 1006     8           99884 Nov 24 07:38 shorewall-perl-4.0.6.2.tar.bz2      <=========  
-rw-r--r--    1 1006     8             300 Nov 24 07:38 shorewall-perl-4.0.6.2.tar.bz2.asc  <=========
-rw-r--r--    1 1006     8          124814 Nov 24 07:38 shorewall-perl-4.0.6.2.tgz          <=========
-rw-r--r--    1 1006     8             300 Nov 24 07:38 shorewall-perl-4.0.6.2.tgz.asc      <=========
-rw-r--r--    1 1006     8           59124 Nov 23 08:22 shorewall-shell-4.0.6-0base.noarch.rpm
-rw-r--r--    1 1006     8           76500 Nov 23 08:22 shorewall-shell-4.0.6.tar.bz2
-rw-r--r--    1 1006     8             300 Nov 23 08:22 shorewall-shell-4.0.6.tar.bz2.asc
-rw-r--r--    1 1006     8           95193 Nov 23 08:22 shorewall-shell-4.0.6.tgz
-rw-r--r--    1 1006     8             300 Nov 23 08:22 shorewall-shell-4.0.6.tgz.asc
drwxr-sr-x    2 1006     8            4096 Nov 26 08:33 superseded
226-Options: -a -l 
226 41 matches total
ftp

The lines flagged with <====== show that the Shorewall-perl package has been updated to include two bug fixes (note the "-2" and ".2" in the file names). The base tarballs for the release are found in the base directory. The unified diff files patch-4.0.6.* may be applied sequentially to the base (4.0.6) Shorewall-perl release (from the base directory) to produce 4.0.6.2. The patch- files are for use by distribution maintainers and should be ignored by end users.

The obsoleted 4.0.6 Shorewall-perl packages may be found in the superseded directory. The known_problems.txt file indicates which problems are fixed in each updated package.

Documentation


Frequently Used Articles

- FAQs - IPv4 Manpages - IPv6 Manpages - Configuration File Basics - Beginner Documentation - Troubleshooting

Shorewall 4.0/4.2 Documentation


Current HOWTOs and Other Articles

- 6to4 and 6in4 Tunnels - Accounting - Actions - Aliased (virtual) Interfaces (e.g., eth0:0) - Anatomy of Shorewall - Anti-Spoofing Measures - AUDIT Target support - Bandwidth Control - Blacklisting/Whitelisting - Bridge/Firewall - Building Shorewall from GIT - Commands - Compiled Programs - Configuration File Basics - DHCP - DNAT - Dynamic Zones - ECN Disabling by host or subnet - Events - Extension Scripts - Fallback/Uninstall - FAQs - Features - Fool's Firewall - Forwarding Traffic on the Same Interface - FTP and Shorewall - Helpers/Helper Modules - Installation/Upgrade - IPP2P - IPSEC - Ipsets - IPv6 Support - ISO 3661 Country Codes - Kazaa Filtering - Kernel Configuration - KVM (Kernel-mode Virtual Machine) - Limiting Connection Rates - Linux Containers (LXC) - Linux-vserver - Logging - Macros - MAC Verification - Manpages (IPv4) (IPv6) - Manual Chains - Masquerading - Multiple Internet Connections from a Single Firewall - Multiple Zones Through One Interface - My Shorewall Configuration - Netfilter Overview - Network Mapping - No firewalling of traffic between bridge port - One-to-one NAT - Operating Shorewall - OpenVPN - OpenVZ - Packet Marking - Packet Processing in a Shorewall-based Firewall - 'Ping' Management - Port Forwarding - Port Information - Port Knocking (deprecated) - Port Knocking, Auto Blacklisting and Other Uses of the 'Recent Match' - PPTP - Proxy ARP - QuickStart Guides - Release Model - Requirements - Routing and Shorewall - Routing on One Interface - Samba - Shorewall Events - Shorewall Init - Shorewall Lite - Shorewall on a Laptop - Shorewall Perl - Shorewall Setup Guide - SMB - SNAT - Split DNS the Easy Way - Squid with Shorewall - Starting/stopping the Firewall - Static (one-to-one) NAT - Support - Tips and Hints - Traffic Shaping/QOS - Simple - Traffic Shaping/QOS - Complex - Transparent Proxy - UPnP - Upgrade Issues - Upgrading to Shorewall 4.4 (Upgrading Debian Lenny to Squeeze) - VPN - VPN Passthrough - White List Creation - Xen - Shorewall in a Bridged Xen DomU - Xen - Shorewall in Routed Xen Dom0

Top of Page