Date: Mon, 10 Jun 2002 16:47:22 -0700 (PDT) From: Doug Silver <dsilver@urchin.com> To: Mike Hoskins <mike@adept.org> Cc: security@FreeBSD.ORG Subject: Re: firewall 'stateful failover' Message-ID: <Pine.LNX.4.21.0206101646510.1199-100000@danzig.sd.quantified.net> In-Reply-To: <20020610155455.Y96521-100000@snafu.adept.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10 Jun 2002, Mike Hoskins wrote: > > Is there a way to handle the state table in ipfw/ipf? I could write > scripts to do 'failover', but I'm wandering if there's a way to 'share' > the state table between active and standby units or to pass the state > table from one firewall to another over a crossover. > > I've briefly searched Google for 'BSD Firewall Failover', but didn't find > a whole lot. I'm looking for pointers to existing solutions, as well as > generalized ideas (about good ways to do this, if it hasn't been done > yet). Of course I ideally want pointers to opensource solutions... If > none exist, this could be a fun project. However, I find it hard to > believe this wheel hasn't already been carved out of stone. > > Later, > -Mike > > -- > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." --Benjamin Franklin > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > You might want to check the IP Filter mailing list as I know I've seen this issue come up there. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Doug Silver Network Manager Urchin Software Corp. http://www.urchin.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0206101646510.1199-100000>