Shorewall Download

Package Information
Distribution-specific Download Sites
Standard Download Sites
Finding Updates that Correct Known Problems


Package Information

Before trying to install, we strongly urge you to read and print a copy of the Shorewall QuickStart Guide for the configuration that most closely matches your own.

The documentation in both XML and HTML formats is available for download from the Download Sites listed in the table below.

NOTICE: There are three current Shorewall Release Series:

For additional information, see this article about the Shorewall Release Model.

In Shorewall version 4.0.*, there are four related packages:

In Shorewall version 4.2.*, there are two additional packages that provide IPv6 support:
In Shorewall version 4.4.*, the Shorewall-common, Shorewall-shell and Shorewall-perl packages are discontinued and replaced with a single Shorewall package which combines the functions of Shorewall-common and Shorewall-perl. The shell-based compiler is retired. So with Shorewall 4.4 onward, there are four packages:
To summarize:

Here are the installation instructions.

Distribution-specific Download Sites

Once you've printed the appropriate QuickStart Guide, download the appropriate Packages:

You will probably also want to download the HTML version of the documentation for easy reference.

Standard Download Sites

Use the sites below to download the tarball, the documentation and the standard RPM for (SUSE, Power PPC, Trustix and TurboLinux).

Packages are GPG signed, please verify the integrity of the files using our public key





Slovak Republic



Seattle, Washington, USA



Frankfurt/Main, Germany



Moscow, Russia

Shoreline, Wa, USA









Chicago, Illinois, USA (Incomplete)
Browse N/A

Finding Updates that Correct Known Problems

Beginning with Shorewall 4.0.6, updated packages that include fixes to known problems are made available.


ftp> cd pub/shorewall/4.0/shorewall-4.0.6
250 OK. Current directory is /pub/shorewall/4.0/shorewall-4.0.6
ftp> ls
200 PORT command successful
150 Connecting to port 36018
drwxr-sr-x 4 1006 8 4096 Dec 1 08:16 .
drwxr-sr-x 9 1006 8 4096 Nov 23 08:22 ..
-rw-r--r-- 1 1006 8 194 Nov 24 07:38 4.0.6-2.md5sums
-rw-r--r-- 1 1006 8 218 Nov 24 07:38 4.0.6-2.sha1sums
-rw-r--r-- 1 1006 8 841 Nov 26 13:26 4.0.6.md5sums
-rw-r--r-- 1 1006 8 945 Nov 26 13:26 4.0.6.sha1sums
-rw-r--r-- 1 1006 8 322 Nov 26 08:35 README.txt
drwxr-xr-x 4 1006 8 4096 Nov 23 08:21 base
-rw-r--r-- 1 1006 8 1570 Dec 1 08:16 known_problems.txt
-rw-r--r-- 1 1006 8 148363 Nov 23 08:22 patch-4.0.6
-rw-r--r-- 1 1006 8 4238 Nov 24 16:49 patch-perl-
-rw-r--r-- 1 1006 8 5249 Nov 29 07:38 patch-perl-

-rw-r--r-- 1 1006 8 102295 Nov 24 07:38 shorewall-perl-4.0.6-2.noarch.rpm <=========
-rw-r--r-- 1 1006 8 99884 Nov 24 07:38 shorewall-perl- <=========
-rw-r--r-- 1 1006 8 300 Nov 24 07:38 shorewall-perl- <=========
-rw-r--r-- 1 1006 8 124814 Nov 24 07:38 shorewall-perl- <=========
-rw-r--r-- 1 1006 8 300 Nov 24 07:38 shorewall-perl- <=========
-rw-r--r-- 1 1006 8 59124 Nov 23 08:22 shorewall-shell-4.0.6-0base.noarch.rpm
-rw-r--r-- 1 1006 8 76500 Nov 23 08:22 shorewall-shell-4.0.6.tar.bz2
-rw-r--r-- 1 1006 8 300 Nov 23 08:22 shorewall-shell-4.0.6.tar.bz2.asc
-rw-r--r-- 1 1006 8 95193 Nov 23 08:22 shorewall-shell-4.0.6.tgz
-rw-r--r-- 1 1006 8 300 Nov 23 08:22 shorewall-shell-4.0.6.tgz.asc
drwxr-sr-x 2 1006 8 4096 Nov 26 08:33 superseded
226-Options: -a -l
226 41 matches total

The lines flagged with <====== show that the Shorewall-perl package has been updated to include two bug fixes (note the "-2" and ".2" in the file names). The base tarballs for the release are found in the base directory. The unified diff files patch-4.0.6.* may be applied sequentially to the base (4.0.6) Shorewall-perl release (from the base directory) to produce The obsoleted 4.0.6 Shorewall-perl packages may be found in the superseded directory. The known_problems.txt file indicates which problems are fixed in each updated package.


The SVN Repository at Sourceforge is used as a safe-store for Shorewall releases.

You should download and use the latest SVN version only at your own risk -- please do not attempt to install Shorewall from the SVN components; you will end up with an incomplete and non-working installation.

If you want to build your own packages from the SVN images, use the build script found in tools/build/buildshorewall.

If you are looking for bug fixes for the current release, see above.

The following SVN projects are currently active:

  1. branches

    This project contains sub-projects for each of the stable releases.

    The current stable version is branch named x.y where x.y is the major version. Example: 3.4.

    You can download it using the following commands:

        svn co

  2. Shorewall

    This project contains the Shorewall code.

    You can download it using the following commands:

        svn co
  3. manpages

    Beginning with Shorewall 3,4,0, this project contains the man pages for Shorewall. 'trunk' is the current development version.

    You can download it using the following commands:

        svn co
  4. manpages-lite

    Beginning with Shorewall 3.4.0, this project contains the man pages for Shorewall Lite. 'trunk'  is the current development version.

    You can download it using the following commands:

        svn co
  5. docs

    This project contains the Shorewall documenation.
    trunk is the current development version.

    You can always get the current documentation in XML Docbook format using the following command:

        svn co
  6. web

    The project contains the part of this Web site not included in the "docs" project.
  7. tools

    This project includes the tools used by the Shorewall developers to build Shorewall releases and to publish content to the web sites.
  8. Samples

    This project contains the sample configurations.
  9. Shorewall-lite

    This project contains Shorewall Lite -- introduced in Shorewall version 3.2.0 RC1.
  10. Shorewall6

    This project contains Shorewall6 -- introduced in Shorewall version 4.2.4.
  11. Shorewall6-lite

    This project contains Shorewall6 Lite -- introduced in Shorewall version 4.2.4.


Beginning with Shorewall 4.3, the Shorewall project is migrating from SVN to Git. You may browse the Shorewall Git repository at Sourceforge.

To create your own copy of the repository, use this command:

git clone git://

Copyright ©  2001-2009 Thomas M. Eastep

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.