summaryrefslogtreecommitdiff
blob: 084595dde9b2211d1b7856f53c1f4f44e8a6c1fa (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
	<maintainer type="person">
		<email>whissi@gentoo.org</email>
		<name>Thomas Deutschmann</name>
	</maintainer>
	<maintainer type="project">
		<email>netmon@gentoo.org</email>
		<name>Gentoo network monitoring and analysis project</name>
	</maintainer>
	<maintainer type="project">
		<email>proxy-maint@gentoo.org</email>
		<name>Proxy Maintainers</name>
	</maintainer>
	<longdescription lang="en">
		The Shoreline Firewall, more commonly known as "Shorewall", is high-level tool for configuring Netfilter.
		You describe your firewall/gateway requirements using entries in a set of configuration files.
		Shorewall reads those configuration files and with the help of the iptables, iptables-restore, ip and
		tc utilities, Shorewall configures Netfilter and the Linux networking subsystem to match your requirements.
		Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a
		standalone GNU/Linux system. Shorewall does not use Netfilter's ipchains compatibility mode and can thus
		take advantage of Netfilter's connection state tracking capabilities.

		Shorewall is not a daemon. Once Shorewall has configured the Linux networking subsystem, its job is complete and
		there is no "Shorewall process" left running in your system. The /usr/sbin/shorewall program can be used at
		any time to monitor the Netfilter firewall.
	</longdescription>
	<upstream>
		<doc lang="en">http://shorewall.net/Documentation_Index.html</doc>
		<remote-id type="sourceforge">shorewall</remote-id>
	</upstream>
	<use>
		<flag name="init">Adds the capability to place the firewall in a safe state prior to bringing up the network interfaces</flag>
		<flag name="ipv4">Installs everything needed to create a full IPv4 firewall</flag>
		<flag name="ipv6">Adds the capability to create a full IPv6 firewall (requires <pkg>net-firewall/shorewall</pkg> ipv4 USE flag)</flag>
		<flag name="lite4">Installs everything needed to just *run* an IPv4 compiled firewall script created with <pkg>net-firewall/shorewall</pkg> ipv4 USE flag</flag>
		<flag name="lite6">Installs everything needed to just *run* an IPv6 compiled firewall script created with <pkg>net-firewall/shorewall</pkg> ipv6 USE flag</flag>
	</use>
</pkgmetadata>