Including the relevant error messages in your request for help is a big part of getting helped.
Shorewall is a firewall. I can't imagine it is a dependency of anything, so you must have installed it at some point. Next time you should pay more attention to what dist-upgrade does. The choice of having a firewall or not is your decision as the admin.
Shorewall has wonderful documentation. Browse it at
http://shorewall.net/ . The basic config files are in /etc/shorewall. You should read them/the docs to figure out what to edit. There are also example configs for various setups at - iirc - /usr/share/doc/shorewall/examples. Of course there is a way to allow the services you want.