You need to add a line to the bottom of /etc/shorewall/rules
ACCEPT net fw tcp 843,655,111,671
ACCEPT net fw udp 652,668,837,840,111
This is the format from my file, where I'm "ACCEPT"ing connections from the "net" zone (defined as my external interface) to the fw (firewall - i.e. computer shorewall is on). The information on protocols and ports is from aioshin's post. If you're only allowing access to LAN computers, you'll want to find out what the zones your computer has. It's quite likely mandrake will have named it "net", even though in your case "lan" would be more appropriate.
-fissy