1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
<article>
<!--$Id$-->
<articleinfo>
<title>Getting Started with Shorewall</title>
<authorgroup>
<author>
<firstname>Tom</firstname>
<surname>Eastep</surname>
</author>
</authorgroup>
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
<copyright>
<year>2006</year>
<year>2007</year>
<year>2010</year>
<year>2011</year>
<holder>Thomas M. Eastep</holder>
</copyright>
<legalnotice>
<para>Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version
1.2 or any later version published by the Free Software Foundation; with
no Invariant Sections, with no Front-Cover, and with no Back-Cover
Texts. A copy of the license is included in the section entitled
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
License</ulink></quote>.</para>
</legalnotice>
</articleinfo>
<caution>
<para><emphasis role="bold">Do not attempt to install Shorewall on a
remote system. You are virtually assured to lock yourself
out.</emphasis></para>
</caution>
<para>Please read this short article first.</para>
<itemizedlist>
<listitem>
<para><ulink url="Introduction.html">Introduction to
Shorewall</ulink></para>
</listitem>
</itemizedlist>
<para>Now, <ulink url="Install.htm">install Shorewall</ulink>.</para>
<para>Next, read the QuickStart Guide that is appropriate for your
configuration:</para>
<para><emphasis role="bold">If you just want to protect a system: (Requires
Shorewall 4.4.12-Beta3 or later)</emphasis></para>
<itemizedlist>
<listitem>
<para><ulink url="Universal.html">Universal</ulink> configuration --
requires no configuration to protect a single system.</para>
</listitem>
</itemizedlist>
<para><emphasis role="bold">If you have only one public IP
address:</emphasis></para>
<itemizedlist>
<listitem>
<para><ulink url="standalone.htm">Standalone</ulink> Linux System with a
single network interface (if you are running Shorewall 4.4.12 Beta 3 or
later, use the <ulink url="Universal.html">Universal</ulink>
configuration instead).</para>
</listitem>
<listitem>
<para><ulink url="two-interface.htm">Two-interface</ulink> Linux System
acting as a firewall/router for a small local network</para>
</listitem>
<listitem>
<para><ulink url="three-interface.htm">Three-interface</ulink> Linux
System acting as a firewall/router for a small local network and a
DMZ.</para>
</listitem>
</itemizedlist>
<para><emphasis role="bold">If you have more than one public IP
address:</emphasis></para>
<itemizedlist>
<listitem>
<para>The <ulink url="shorewall_setup_guide.htm">Shorewall Setup
Guide</ulink> outlines the steps necessary to set up a firewall where
there are multiple public IP addresses involved or if you want to learn
more about Shorewall than is explained in the single-address guides
above.</para>
</listitem>
</itemizedlist>
<para>The following articles are also recommended reading for
newcomers.</para>
<itemizedlist>
<listitem>
<para><ulink url="configuration_file_basics.htm">Configuration File
Basics</ulink><blockquote>
<para><informaltable frame="none">
<tgroup cols="2">
<tbody valign="middle">
<row>
<entry><ulink
url="configuration_file_basics.htm#Manpages">Man
Pages</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#MAC">Using MAC
Addresses in Shorewall</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#Comments">Comments in
configuration files</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#Variables">Using Shell
Variables</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#COMMENT">Attach Comment
to Netfilter Rules</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#dnsnames">Using DNS
Names</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#Continuation">Line
Continuation</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#Compliment">Complementing
an IP address or Subnet</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#INCLUDE">INCLUDE
Directive</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#IPRanges">IP Address
Ranges</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#Ports">Port
Numbers/Service Names</ulink></entry>
<entry><ulink
url="configuration_file_basics.htm#Levels">Shorewall
Configurations (making a test
configuration)</ulink></entry>
</row>
<row>
<entry><ulink
url="configuration_file_basics.htm#Ranges">Port
Ranges</ulink></entry>
<entry></entry>
</row>
</tbody>
</tgroup>
</informaltable></para>
</blockquote></para>
</listitem>
<listitem>
<para><ulink url="starting_and_stopping_shorewall.htm">Operating
Shorewall and Shorewall Lite</ulink> contains a lot of useful
operational hints.</para>
</listitem>
<listitem>
<para>PPPPPPPS ( or, Paul's Principles for Practical Provision of Packet
Processing with Shorewall ) <ulink
url="http://linuxman.wikispaces.com/PPPPPPS">http://linuxman.wikispaces.com/PPPPPPS</ulink></para>
</listitem>
</itemizedlist>
</article>
|
