I suggest you read http://www.shorewall.net/Documentation_Index.htm
Everything is explained in detail there.
The sample files delivered with shorewall do contain your "framework". But you have to get through the configuration-process.
The basic forwarding-options can be set in "shorewall.conf" and the file "policy". Offering certain services and fine-tuning can be done via the file "rules".
Read http://www.shorewall.net/ports.htm for a description on how to implement certain services, but i suggest you first get your basic-config running before fine-tuning this config, e.g. enable your lan to reach the web and vice versa.
If you have specific problems we will be glad to help you.
At 19:54 27.12.2001 -0500, Patrick Munis wrote:
I have two interfaces on my my network eth0 and eth1. eth0 has access to the internet,eth0 is my internet gateway. It has static ip address provided my the cable operator (@home) I need to be able to access eth0 from the try ftp, ssh, http, dns and smtp (running postfix). eth1 is my private network, the comprises of various os (xp, win200, freebsd etc) I want to able to provide the follwing access to the my private network www(browsing the internet), http(access from internet to services running on the my private lan), ftp, ssh,irc, smtp, irc etc
also need to have provide ip forwarding. Can anyone provide a sample configuration file for framework