From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 7 11:02:33 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D353D16A4DD for ; Thu, 7 Sep 2006 11:02:33 +0000 (UTC) (envelope-from if@hetzner.co.za) Received: from hetzner.co.za (office.cpt2.host-h.net [196.7.147.230]) by mx1.FreeBSD.org (Postfix) with ESMTP id 605FD43D46 for ; Thu, 7 Sep 2006 11:02:33 +0000 (GMT) (envelope-from if@hetzner.co.za) Received: from localhost ([127.0.0.1] helo=ian.hetzner.africa) by hetzner.co.za with esmtp (Exim 4.62 (FreeBSD)) (envelope-from ) id 1GLHeP-000EgY-Ne for freebsd-ipfw@freebsd.org; Thu, 07 Sep 2006 13:02:29 +0200 To: freebsd-ipfw@freebsd.org From: Ian FREISLICH X-Attribution: BOFH Date: Thu, 07 Sep 2006 13:02:29 +0200 Message-Id: Subject: Synchronising state across multiple firewalls X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Sep 2006 11:02:33 -0000 Hi I was wondering if anyone here had plans to write a firewall state synchronisation mechanism for ipfw similar to pfsync. And then any ideas around implimentation. I have 2 firewalls with CARP interfaces for failover, but at failover time the backup's state will not be in sync. If nobody else is currently working on this or even wants to I'm happy to try to convince my boss I should spend some time trying to make it work. Ian -- Ian Freislich