1. SHOREWALL By Dhoto Revised by Idris

2. Shorewall  tools for building a firewall  variable : interfaces, zones, rules

3. Shorewall

4. Interfaces # ifconfig --> eth0

5. Zones Your network --> Net Your Server --> fw

6. Rules from fw to Net --> Ok / Accept from Net to fw --> access denied / drop from other --> access denied / drop

7. Installation Remove  :~# apt-get remove portmap  :~# apt-get remove nfs-common  :~# apt-get remove pidentd

9. Installation Install text editor  :~# apt-get install vim  :~# apt-get install mc

10. Installation Install iptables  :~# apt-get install iptables watch your firewall  :~# iptables -nL

11. Installation Install Shorewall  :~# apt-get remove –purge shorewall  :~# apt-get install shorewall Install documentation  :~# apt-get remove –purge shorewall  :~# apt-get install shorewall-doc

12. Configuration goto shorewall directory  :~# cd /etc/shorewall look inside  :/etc/shorewall# ls  :/etc/shorewall# iptables -nL

13. Configuration copy example from shorewall examples  # cp /usr/share/doc/shorewall/examples/one- interface/* /etc/shorewall/  # cd /etc/shorewall/  # gunzip *.gz

14. Configuration Change /etc/default/shorewall from startup=0 to startup=1 # vim /etc/default/shorewall  change the startup

15. Activate the firewall do this # /etc/init.d/shorewall start watch your firewall # iptables –nL | less

16. RFC1918 for Private IP default shorewall allow Public-IP  # vim /etc/shorewall/interfaces remove norfc1918  net eth0 detect norfc1918,routefilter,dhcp,tcpflags to  net eth0 detect routefilter,dhcp,tcpflags

17. activate some connection on rules permit http connection to server  #vim /etc/shorewall/rules get to the bottom, add the rules  ACCEPT all fw tcp 80 Restart the firewall  # /etc/init.d/shorewall restart

18. Thank you