gShield Installation Notes
--------------------------

# ------------------------------ #
# Netfilter/iptables             #       
# -------------------------------#

gShield assumes you have a properly working and
configured netfilter/iptables setup. It does not make
use of any "special" extensions or patches, but some
things will not work well unless you are sure they
are installed (such as the FTP NAT support).

There are case where gShield allows you to make
use of some of the experimental iptables patches,
but these are not necessary for the default settings. 

gShield DOES NOT attempt to load iptables modules for you;
a properly configured linux system will load modules 
"as needed" -- there is one exception to this no-load
behavior -- the irc connection tracking section
allows you to specify which irc ports to consider for
tracking and therefore does make provisions for loading
this specific module.

# ------------------------------ #             
# Installing                     #             
# -------------------------------#   

The default configuration assumes everything will
be installed in /etc/firewall.  

gShield will untar to gShield-<version> which means you 
will need to a) move/rename this directory to /etc/firewall
or b) symlink /etc/firewall to gShield-<version>/

**********************************************************
** DO NOT attempt to run configure this script remotely **
**********************************************************

**********************************************************
** DO NOT run the thing remotely! ************************
**********************************************************

I recommend installing/configuring the first time locally in case
something horrible happens-- otherwise, if you make a mistake, you
will find yourself locked out of your own machine.  I'm not
kidding.

* NEXT *

Open a terminal. Get out that favorite editor of yours. Edit 
gShield.conf -- it's commented.

* NEXT *

Read the README. It's in the docs directory. 

* NEXT *

Run the script (/etc/firewall/gShield.rc) <- assuming you've renamed the 
directory. 

I suggest linking this, or setting it up as an automatic process.

Three examples on how to do this. 

PPP -- under Debian, there's a nice directory -> /etc/ppp/ip-up.d/

Make a link from the firewall:

	ln -s /etc/firewall/gShield.rc /etc/ppp/ip-up.d/gShield.rc 

DHCP -- from my config file for dhcpcd:

	OPTIONS='-d -c /etc/firewall/gShield.rc'

* That's it *
