<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Getting Started with Shorewall</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id257527"></a>Getting Started with Shorewall</h2></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Tom</span> <span class="surname">Eastep</span></h3></div></div></div><div><p class="copyright">Copyright © 2006, 2007 Thomas M. Eastep</p></div><div><div class="legalnotice"><a id="id292637"></a><p>Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “<span class="quote"><a class="ulink" href="GnuCopyright.htm" target="_self">GNU Free Documentation License</a></span>”.</p></div></div><div><p class="pubdate">2008/12/15</p></div></div><hr /></div><p>Please read this short article first.</p><div class="itemizedlist"><ul type="disc"><li><p><a class="ulink" href="Introduction.html" target="_self">Introduction to Shorewall</a></p></li></ul></div><p>Next, read the QuickStart Guide that is appropriate for your configuration:</p><p><span class="bold"><strong>If you have only one public IP address:</strong></span></p><div class="itemizedlist"><ul type="disc"><li><p><a class="ulink" href="standalone.htm" target="_self">Standalone</a> Linux System with a single network interface (<a class="ulink" href="standalone_fr.html" target="_self">Version Française</a>) <a class="ulink" href="standalone_ru.html" target="_self">(Russian Version)</a> <a class="ulink" href="standalone_es.html" target="_self">Version en Español</a></p></li><li><p><a class="ulink" href="two-interface.htm" target="_self">Two-interface</a> Linux System acting as a firewall/router for a small local network (<a class="ulink" href="two-interface_fr.html" target="_self">Version Française</a>) (<a class="ulink" href="two-interface_ru.html" target="_self">Russian Version</a>)</p></li><li><p><a class="ulink" href="three-interface.htm" target="_self">Three-interface</a> Linux System acting as a firewall/router for a small local network and a DMZ.. (<a class="ulink" href="three-interface_fr.html" target="_self">Version Française</a>) (<a class="ulink" href="three-interface_ru.html" target="_self">Russian Version</a>)</p></li></ul></div><p><span class="bold"><strong>If you have more than one public IP address:</strong></span></p><div class="itemizedlist"><ul type="disc"><li><p>The <a class="ulink" href="shorewall_setup_guide.htm" target="_self">Shorewall Setup Guide</a> (<a class="ulink" href="shorewall_setup_guide_fr.htm" target="_self">Version Française</a>) outlines the steps necessary to set up a firewall where there are multiple public IP addresses involved or if you want to learn more about Shorewall than is explained in the single-address guides above.</p></li></ul></div><p>The following articles are also recommended reading for newcomers.</p><div class="itemizedlist"><ul type="disc"><li><p><a class="ulink" href="configuration_file_basics.htm" target="_self">Configuration File Basics</a></p><div class="blockquote"><blockquote class="blockquote"><div class="informaltable"><table border="0"><colgroup><col /><col /></colgroup><tbody valign="middle"><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Manpages" target="_self">Man Pages</a></td><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#MAC" target="_self">Using MAC Addresses in Shorewall</a></td></tr><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Comments" target="_self">Comments in configuration files</a></td><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Variables" target="_self">Using Shell Variables</a></td></tr><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#COMMENT" target="_self">Attach Comment to Netfilter Rules</a></td><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#dnsnames" target="_self">Using DNS Names</a></td></tr><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Continuation" target="_self">Line Continuation</a></td><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Compliment" target="_self">Complementing an IP address or Subnet</a></td></tr><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#INCLUDE" target="_self">INCLUDE Directive</a></td><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#IPRanges" target="_self">IP Address Ranges</a></td></tr><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Ports" target="_self">Port Numbers/Service Names</a></td><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Levels" target="_self">Shorewall Configurations (making a test configuration)</a></td></tr><tr><td valign="middle"><a class="ulink" href="configuration_file_basics.htm#Ranges" target="_self">Port Ranges</a></td><td valign="middle"> </td></tr></tbody></table></div></blockquote></div></li><li><p>PPPPPPPS ( or, Paul's Principles for Practical Provision of Packet Processing with Shorewall ) <a class="ulink" href="http://linuxman.wikispaces.com/PPPPPPS" target="_self">http://linuxman.wikispaces.com/PPPPPPS</a></p></li></ul></div></div></body></html>