#############################################################################
#                                                                           #
#  Jay's Iptables Firewall    v0.9.96    :    INSTALL file                  #
#                                                                           #
#  Copyright 2002 Jerome Nokin                                              #
#                                                                           #
#   This program is free software; you can redistribute it and/or modify    #
#   it under the terms of the GNU General Public License as published by    #
#   the Free Software Foundation; either version 2 of the License, or       #
#   (at your option) any later version.                                     #
#                                                                           #
#   This program is distributed in the hope that it will be useful,         #
#   but WITHOUT ANY WARRANTY; without even the implied warranty of          #
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           #
#   GNU General Public License for more details.                            #
#                                                                           #
#   You should have received a copy of the GNU General Public License       #
#   along with this program; if not, write to the Free Software             #
#   Foundation, Inc., 59 Temple Place, Suite 330, Boston,                   #
#   MA  02111-1307  USA                                                     #
#                                                                           #
#############################################################################


#########################
#   WHAT DO YOU NEED ?  #
#########################

   A Linux box with: 
    - kernel 2.4 (http://www.kernel.org)
    - the latest iptables (version >= 1.2.6a) (http://www.iptables.org)
    - perl (for the script configurator)
    - dialog >= 0.9a-20020309a  (for the script configurator)
   

   Check your kernel configuration, in your "netfilter" subsection, 
   you must have this list as modules 
      -------------
      ipt_TCPMSS
      ipt_MARK
      ipt_length
      ipt_TOS
      ipt_MASQUERADE
      iptable_mangle
      ipt_limit
      ipt_LOG
      ipt_REJECT
      ipt_REDIRECT
      ipt_state
      ipt_unclean
      iptable_filter
      ip_conntrack_ftp
      ip_conntrack_irc
      ip_nat_ftp
      ip_nat_irc
      iptable_nat
      ip_tables
      ip_conntrack
      --------------

   (Or all compiled in kernel)

   
   

##############################
#     UPGRADE                #
##############################

  From version < 0.9.1a
  ----------------------
     1) Run 'make install' for install the firewall

     2) Run 'firewall-config.pl --new' for create a new configuration file with the interactive Perl script,
        or run 'firewall-config.pl --generate' for generate a empty configuration file and configure the firewall by hand.


  From version >= 0.9.1a 
  ----------------------
     1) Run 'make install' for install the firewall

     2) Run 'firewall-config.pl --update' for update the configuration file (or simply run the configuration's script).

 
  Restart the firewall with '/etc/init.d/fw-jay restart'


##############################
#   INSTALL                  # 
##############################

   1) Run 'make install' 


   2) Run 'firewall-config.pl --new' to create a new configuration's file with the interactive Perl script, or
      run 'firewall-config.pl --generate' to generate a empty configuration's file and configure the firewall by hand.

      A file called '/etc/firewall-jay/firewall.config' will be created.

      You may be able to run 'firewall-config.pl' whenever you want for re-configure the firewall.   
      (don't forget to restart it after the new configuration)


   3) Play with "/etc/init.d/fw-jay {start|stop|restart|up|down|check|reload-block-ip|reload-block-mac}"

      The 'up|down' options are for compatibility and have the same effects as 'start|stop'.
      The 'check' option is for testing the config's file.
      The 'reload-block-{ip|mac}' options are for reloading the block ip/mac denying files when the firewall is up.	

   5) See README for details ...



###############################
#   REMOVE                    #
###############################

   1) Stop the firewall   : '/etc/init.d/fw-jay stop'

   2) Remove the firewall : 'make remove'



##############################
# BUGS                       #
##############################

 Please send me all your bugs at 'jnokin@ulb.ac.be' 


