From owner-freebsd-security Fri Jun 14 3:40:23 2002 Delivered-To: freebsd-security@freebsd.org Received: from scribble.fsn.hu (scribble.fsn.hu [193.224.40.95]) by hub.freebsd.org (Postfix) with SMTP id C44B837B417 for ; Fri, 14 Jun 2002 03:40:18 -0700 (PDT) Received: (qmail 22540 invoked by uid 1000); 14 Jun 2002 10:40:17 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 14 Jun 2002 10:40:17 -0000 Date: Fri, 14 Jun 2002 12:40:17 +0200 (CEST) From: Attila Nagy To: Andrey Sverdlichenko Cc: security@freebsd.org Subject: Re: firewall 'stateful failover' In-Reply-To: <1024051106.78535.11.camel@xen.infosec.ru> Message-ID: References: <20020610155455.Y96521-100000@snafu.adept.org> <1024051106.78535.11.camel@xen.infosec.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, > > Is there a way to handle the state table in ipfw/ipf? I could write > > scripts to do 'failover', but I'm wandering if there's a way to 'share' > > the state table between active and standby units or to pass the state > > table from one firewall to another over a crossover. This is implemented in IPF4 AFAIK. You should try its alpha version... --------[ Free Software ISOs - ftp://ftp.fsn.hu/pub/CDROM-Images/ ]------- Attila Nagy e-mail: Attila.Nagy@fsn.hu Free Software Network (FSN.HU) phone @work: +361 210 1415 (194) cell.: +3630 306 6758 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message