Tom Eastep

2019-12-19

Open Source Software is not free; it comes at a very high cost.

- Wietse Venema

The painful task of thinking belongs to me.

- Baron George Brydges Rodney

Perfection in design is achieved not when there is nothing left to add, but rather when there is nothing left to take away.

- Antoine de Saint-Exupery

Nothing is foolproof to a sufficiently-talented fool.

- Anonymous

Still, it is an error to argue in front of your data. You find yourself insensibly twisting them round to fit your theories.

- Holmes to Watson, "The Adventure of Wisteria Lodge", Sir Arthur Conan Doyle

Live your whole life such that you can look every damn man in the face and tell him to go to hell

- Plaque on the wall of my Maternal Grandmother's Kitchen

Tom, his dog, and his new car - May 2006

"Tom, his dog Tipper, and his new car" -- May 2006

Prior to retiring, I was an architect in the Open System Services development group within the NonStop Enterprise Division of HP.

I became interested in Internet Security when I established a home office in 1999 and had DSL service installed in our home. I investigated ipchains and developed the scripts which are now collectively known as Seattle Firewall. Expanding on what I learned from Seattle Firewall, I then designed and wrote Shorewall.

Prior to retiring, I teleworked from our home in Shoreline, Washington where I live with my wife Tarry.

In addition to working on Shorewall, I enjoy digital photography, bicycling and walking.

Documentation

Frequently Used Articles

- FAQs - Manpages - Configuration File Basics - Beginner Documentation - Troubleshooting

Shorewall 4.4/4.5/4.6 Documentation

Shorewall 4.0/4.2 Documentation

Shorewall 5.0/5.1/5.2 HOWTOs and Other Articles

- 6to4 and 6in4 Tunnels - Accounting - Actions - Aliased (virtual) Interfaces (e.g., eth0:0) - Anatomy of Shorewall - Anti-Spoofing Measures - AUDIT Target support - Bandwidth Control - Blacklisting/Whitelisting - Bridge/Firewall - Building Shorewall from GIT - Commands - Compiled Programs - Configuration File Basics - DHCP - DNAT - Docker - Dynamic Zones - ECN Disabling by host or subnet - Events - Extension Scripts - Fallback/Uninstall - FAQs - Features - Fool's Firewall - Forwarding Traffic on the Same Interface - FTP and Shorewall - Helpers/Helper Modules - Installation/Upgrade - IPP2P - IPSEC - Ipsets - IPv6 Support - ISO 3661 Country Codes - Kazaa Filtering - Kernel Configuration - KVM (Kernel-mode Virtual Machine) - Limiting Connection Rates - Linux Containers (LXC) - Linux-vserver - Logging - Macros - MAC Verification - Manpages - Manual Chains - Masquerading - Multiple Internet Connections from a Single Firewall - Multiple Zones Through One Interface - My Shorewall Configuration - Netfilter Overview - Network Mapping - No firewalling of traffic between bridge port - One-to-one NAT - Operating Shorewall - OpenVPN - OpenVZ - Packet Marking - Packet Processing in a Shorewall-based Firewall - 'Ping' Management - Port Forwarding - Port Information - Port Knocking (deprecated) - Port Knocking, Auto Blacklisting and Other Uses of the 'Recent Match' - PPTP - Proxy ARP - QuickStart Guides - Release Model - Requirements - Routing and Shorewall - Routing on One Interface - Samba - Shared Shorewall/Shorewall6 Configuration - Shorewall Events - Shorewall Init - Shorewall Lite - Shorewall on a Laptop - Shorewall Perl - Shorewall Setup Guide - SMB - SNAT - Split DNS the Easy Way - Squid with Shorewall - Starting/stopping the Firewall - Static (one-to-one) NAT - Support - Tips and Hints - Traffic Shaping/QOS - Simple - Traffic Shaping/QOS - Complex - Transparent Proxy - UPnP - Upgrade Issues - Upgrading to Shorewall 4.4 (Upgrading Debian Lenny to Squeeze) - VPN - VPN Passthrough - White List Creation - Xen - Shorewall in a Bridged Xen DomU - Xen - Shorewall in Routed Xen Dom0

Top of Page