[Shorewall-users] Iptables and shorewall

Tom Eastep teastep at shorewall.net
Thu Aug 7 21:54:44 PDT 2003

On Thu, 2003-08-07 at 13:48, Martin Andersson wrote:

> As I understand it, iptables is a firewall, and shorewall is an easy way to
> configure it.

Iptables is the utility program for configuring Netfilter; Netfilter is
the packet filtering facility built into 2.4 and later Linux kernels.
Shorewall is a tool that uses iptables to configure Netfilter.

 Do I then need to have both services turned on as daemons to
> run shorewall, or is it sufficient to run only shorewall?

a) Neither iptables nor Shorewall run as daemons although they are
defined as services to SysV init (in /etc/init.d).
b) You only need to start Shorewall.
c) Be sure to NOT start ipchains if it is available as a service on your

Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

More information about the Shorewall-users mailing list