[root@nfs ~]# yum install shorewall


二、编辑设定档
安装完毕后,必需先要设定各个设定档才能启动shorewall

[root@nfs ~]# vi/etc/shorewall/shorewall.conf

STARTUP_ENABLED=Yes

[root@nfs shorewall]# vi masq

[root@nfs shorewall]# vi params

[root@nfs shorewall]# vi nat


[root@nfs shorewall]# vi zones

net     ipv4

loc     ipv4

fw      firewall

[root@nfs shorewall]# vi interfaces

net  eth1                                  

loc  eth0

[root@nfs shorewall]# vi policy

loc     net     ACCEPT

loc     fw      ACCEPT

fw      loc     ACCEPT

fw      net     ACCEPT  

net     all     DROP    info

all     all     REJECT  info

[root@nfs shorewall]# vi rules

ACCEPT  net     fw      tcp    22,25,80,389,443,465,993,3128,4190,5666,6379,8022,8082,8083,8443,8888,8889,8890 -

ACCEPT  net     fw      udp    1194,5060     -

ACCEPT  net     fw      icmp    8




[root@nfs shorewall]# shorewall check

[root@nfs shorewall]# shorewall restart

[root@nfs shorewall]# chkconfig --level2345 shorewall on