<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Some Things that Shorewall Does Not Do</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="Shorewall_Doesnt"></a>Some Things that Shorewall Does Not Do</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Tom</span> <span class="surname">Eastep</span></h3></div></div><div><p class="copyright">Copyright © 2003-, 2005 Thomas M Eastep</p></div><div><div class="legalnotice"><a id="id286316"></a><p>Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “<span class="quote"><a class="ulink" href="GnuCopyright.htm" target="_self">GNU Free Documentation License</a></span>”.</p></div></div><div><p class="pubdate">2008/12/15</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#Doesnt">Shorewall Does not:</a></span></dt><dt><span class="section"><a href="#Patching">In Addition:</a></span></dt></dl></div><div class="caution" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Caution</h3><p><span class="bold"><strong>This article applies to Shorewall 3.0 and later. If you are running a version of Shorewall earlier than Shorewall 3.0.0 then please see the documentation for that release</strong></span></p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="Doesnt"></a>Shorewall Does not:</h2></div></div></div><div class="itemizedlist"><ul type="disc"><li><p>Act as a “<span class="quote">Personal Firewall</span>” that allows Internet access control by application. If that's what you are looking for, try <a class="ulink" href="http://tuxguardian.sourceforge.net/" target="_self">TuxGuardian</a>.</p></li><li><p>Work with an Operating System other than Linux (version >= 2.4.0)</p></li><li><p>Act as a Proxy (although it can be used with a separate proxy such as Squid or Socks).</p></li><li><p>Do content filtering:</p><div class="itemizedlist"><ul type="circle"><li><p>HTTP - better to use <a class="ulink" href="Shorewall_Squid_Usage.html" target="_self">Squid</a> and <a class="ulink" href="http://dansguardian.org/" target="_self">Dansguardian</a> for that.</p></li><li><p>Email -- Install something like <a class="ulink" href="http://www.postfix.org" target="_self">Postfix</a> on your firewall and integrate it with <a class="ulink" href="http://www.spamassassin.org/" target="_self">SpamAssassin</a> , <a class="ulink" href="http://www.ijs.si/software/amavisd/" target="_self">Amavisd-new</a> and <a class="ulink" href="http://www.clamav.net/" target="_self">Clamav</a></p></li></ul></div></li><li><p>Configure/manage Network Devices (your Distribution includes tools for that).</p></li></ul></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="Patching"></a>In Addition:</h2></div></div></div><div class="itemizedlist"><ul type="disc"><li><p>Shorewall generally does not contain any support for Netfilter <a class="ulink" href="http://www.netfilter.org" target="_self">Patch-O-Matic-ng</a> features or any other features that require kernel patching -- Shorewall only supports features from released kernels except in unusual cases.</p></li></ul></div></div></div></body></html>