is a front-end to the Linux
netfilter system which makes it (relatively) easy to set up and maintain a
firewall. It has a dedicated user community which appreciates Shorewall's
flexibility and documentation, along with the ability to secure a system
with a minimum of hassle. The current release is 2.2.4
Unfortunately, that may be the last release for a while; Shorewall
maintainer Tom Eastep has announced
that he will no longer work on the project. Shorewall, it seems, has
fallen victim to a common problem with smaller projects: developer
burnout. Mr. Eastep has concluded that Shorewall development takes more of
his time (and health) than he can afford to give.
There appears to be a couple of problems in how Shorewall is developed.
The first is that nobody has stepped up to take on a significant part of
the load, leaving Mr. Eastep to do all of the work himself:
Unlike the originators of other successful open source projects, I
have not been able to attract a core of people who believe in
Shorewall and who are willing to make sacrifices to ensure it's
success. That is my weakness and I accept it. But is means that I
have been left with trying to develop, document, and support
Shorewall almost single-handedly. I cannot do it any more.
Without having followed the development process for this project, we would
be ill-advised to say why things turned out this way. It could be that the
Shorewall community did not feel the need to contribute to the project, or
it could be that Mr. Eastep, in one way or another, discouraged that sort
of involvement. But any project which is dependent on a single person in
this way will always be at risk.
Mr. Eastep also notes:
And I just cannot deal with the support and documentation
frustration any more -- support, the documentation and the web site
consume an order of magnitude more of my time than does Shorewall
He was apparently unwilling to solve this problem the way many free
software developers do: simply ignore support and documentation
altogether. The documentation for Shorewall is extensive, to say the
least; it clearly took a lot of time. Likewise with support; a reading of
the Shorewall mailing list shows Mr. Eastep doing his best to answer most
of the questions that were asked. It is not surprising that he got tired
of carrying that load.
Shorewall is free software, and it almost certainly will not die. There
are already some signs that members of the user community are beginning to
step up to help ensure that the project continues. This is, of course, one
of the strengths of free software; had Shorewall been proprietary, it would
now be dead. But the other side of this coin is that the user community
has to take an interest in the software it depends on. If users do not
come forward over time to help with programming, documentation, and support,
they may find themselves having to do it in a hurry when the primary
(Thanks to Matt "Cyber Dog" LaPlante for the heads-up).
to post comments)