* iptables state transfer @ 2007-06-11 10:55 Martin Schiøtz 2007-06-11 11:22 ` Petr Pisar 0 siblings, 1 reply; 5+ messages in thread From: Martin Schiøtz @ 2007-06-11 10:55 UTC (permalink / raw) To: netfilter Hi Can iptables do state transfer between two firewalls for failover purpose. Something like PF sync with PF in BSD. I want to do NAT with failover. Best regards, Martin ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables state transfer 2007-06-11 10:55 iptables state transfer Martin Schiøtz @ 2007-06-11 11:22 ` Petr Pisar 2007-06-11 12:12 ` Martin Schiøtz 0 siblings, 1 reply; 5+ messages in thread From: Petr Pisar @ 2007-06-11 11:22 UTC (permalink / raw) To: netfilter On 2007-06-11, Martin Schiøtz <malinux@gmail.com> wrote: > > Can iptables do state transfer between two firewalls for failover > purpose. Something like PF sync with PF in BSD. > > I want to do NAT with failover. > Try conntrack-tools http://people.netfilter.org/pablo/conntrack-tools/ -- Petr ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables state transfer 2007-06-11 11:22 ` Petr Pisar @ 2007-06-11 12:12 ` Martin Schiøtz 2007-06-21 0:27 ` Lars Wilke 0 siblings, 1 reply; 5+ messages in thread From: Martin Schiøtz @ 2007-06-11 12:12 UTC (permalink / raw) To: Petr Pisar; +Cc: netfilter > > Can iptables do state transfer between two firewalls for failover > > purpose. Something like PF sync with PF in BSD. > > > > I want to do NAT with failover. > > > > Try conntrack-tools > http://people.netfilter.org/pablo/conntrack-tools/ > It looks like the right thing - Thanks! - Martin ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables state transfer 2007-06-11 12:12 ` Martin Schiøtz @ 2007-06-21 0:27 ` Lars Wilke 2007-06-21 1:48 ` Grant Taylor 0 siblings, 1 reply; 5+ messages in thread From: Lars Wilke @ 2007-06-21 0:27 UTC (permalink / raw) To: netfilter * Martin Schiøtz wrote: > > > Can iptables do state transfer between two firewalls for failover > > > purpose. Something like PF sync with PF in BSD. > > > > > > I want to do NAT with failover. > > > > > > > Try conntrack-tools > > http://people.netfilter.org/pablo/conntrack-tools/ Out of curiosity ... Is there somethink that can replicate rule changes, too? thanks --lars ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: iptables state transfer 2007-06-21 0:27 ` Lars Wilke @ 2007-06-21 1:48 ` Grant Taylor 0 siblings, 0 replies; 5+ messages in thread From: Grant Taylor @ 2007-06-21 1:48 UTC (permalink / raw) To: Mail List - Netfilter On 6/20/2007 7:27 PM, Lars Wilke wrote: > Is there somethink that can replicate rule changes, too? This is (was last I read about it) out side of the scope of what conntrackd is designed to do. Grant. . . . ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-06-21 1:48 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2007-06-11 10:55 iptables state transfer Martin Schiøtz 2007-06-11 11:22 ` Petr Pisar 2007-06-11 12:12 ` Martin Schiøtz 2007-06-21 0:27 ` Lars Wilke 2007-06-21 1:48 ` Grant Taylor
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox