Hi all, I've just installed a full LRP (Eiger Static) firewall (DMZ and all) at a small client of mine. They have a full class C, a couple hundred clients in the hosting facilities and a nice little LRP box looking after the whole show :o) There are a couple of things that I guess I've wanted answered, but now that I have a client pestering me for some answers I guess these things have moved up the priority tree.
I'll do a bit of a dump/rant here and hopefully some of you folk can help me out. I know I've got a LOT of learning to do as I'm not that confident in scripts etc. (I can understand what they are/do but have never "written" one myself).

I'm wondering if LRP can be set up to have a hot stand-by server. I've worked with a couple of products (IBM Network Dispatcher for one) that can handle having a "hot standby machine". I know this would only appeal to the people that have more than a couple of permanent IPs or the bigger-picture people/ISPs.

Some ideas on the hot-swap stand-by:

- Be able to specify if it's a primary or secondary machine (so more params in network.conf for this).
- Both boxes keep a "heart beat" between each other (so each machine needs at least ONE permanent IP to be able to poll each other). I have no idea where to write/run this kinda script?
- To start off with I'm happy to "mirror" the network.conf and ipfilter.conf on the boxes manually, but I guess it would be a nice feature if the secondary kept itself up to date firewall-rule-wise from the primary.
- Ensure that all IPs are ARP'd on the interfaces (which they are anyway), so that if the secondary machine finds that the primary has failed, all it needs to do is auto-apply the IPs to its interfaces and "in theory" the box becomes the primary.
- And I guess clean up where need be when the primary does come back online.

I know those couple of lines above seem to make it simple, but I'm hoping that's all it is. I guess I'm asking all you folk for some guidance on how I can achieve the above. It would be nice if it's already done, but I can't find anything as yet, and after spending a fair amount of time mixing Charlie's Extended scripts with a heap of changes that I want, I think I have a grasp on how I want to do it, but I don't have the knowledge of the tools to be able to do it.

Secondly, I'm wishing to be able to monitor the amount of data going through the firewall.
When I say monitor I need/want to be able to monitor it down to the level of number of bytes sent/received, on what port and of course which IPs. If you have heard of Cisco's NetFlow then that's kinda what I would like to be able to do on an LRP box. This kind of thing I have no idea where to start, so if anyone can point me in the right direction that would be great. The only thing on this is I'm happy to have the LRP box spit the output of the monitoring to syslog or its own log, but I will be glad to have it send it over the network to a monitoring machine. (On a side note, can you set up syslog to a remote machine currently??)

Well that's my rant/wants. If anyone can give me some input on this that would be awesome. I've worked with PIX firewalls, Raptor, Checkpoint, and I still seem to go back to using LRP and think this is sooooo simple. :o)

Thanks in advance

Adam Niedzwiedzki
AKA: AdStar®
c: genis-x
a: level 1, 278 church street richmond, victoria, 3121, au, earth
m: +61 040 7322 719
e: [EMAIL PROTECTED]
w: www.genis-x.com
icq: 325910
"I never made a mistake in my life. I thought I did once, but I was wrong."

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
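The heartbeat/takeover procedure sketched in the post, written out as an added example (not code from the post or from LRP): it assumes iproute's `ip`, `arping` and `logger` are available on the standby box, uses constructed 192.0.2.x addresses for the peer and the shared IPs, and keeps the takeover decision in a pure function so it can be checked without a network.

```shell
#!/bin/sh
# Added example, not from the original post or the LRP project: a minimal
# heartbeat watchdog for a hot-standby LRP box. Constructed/assumed values:
# PEER_IP (primary's own permanent address), SHARED_IPS (addresses to take
# over), IFACE; assumes iproute's `ip`, `arping` and `logger` exist on the box.
PEER_IP=${PEER_IP:-192.0.2.1}
SHARED_IPS=${SHARED_IPS:-"192.0.2.10/24 192.0.2.11/24"}
IFACE=${IFACE:-eth0}
FAIL_LIMIT=${FAIL_LIMIT:-3}   # consecutive missed heartbeats before takeover
INTERVAL=${INTERVAL:-5}       # seconds between probes
DRY_RUN=${DRY_RUN:-1}         # 1 = print the commands instead of running them
run() { if [ "$DRY_RUN" = 1 ]; then echo "+ $*"; else "$@"; fi; }
# One heartbeat probe over the permanent IPs; 0 = peer answered, 1 = silent.
heartbeat() { ping -c 1 -W 2 "$PEER_IP" >/dev/null 2>&1; }
# Pure transition so the decision logic is testable offline.
# usage: next_state <standby|active> <fails> <probe 0=ok/1=fail> -> "<state> <fails>"
next_state() {
    _state=$1 _fails=$2 _probe=$3
    if [ "$_probe" -eq 0 ]; then
        echo "standby 0"               # primary answered: stay on / return to standby
    else
        _fails=$((_fails + 1))
        if [ "$_fails" -ge "$FAIL_LIMIT" ]; then echo "active $_fails"
        else echo "$_state $_fails"; fi
    fi
}
# Take over: add each shared address, then gratuitous ARP so neighbours' caches move to this MAC.
takeover() {
    for a in $SHARED_IPS; do
        run ip addr add "$a" dev "$IFACE"
        run arping -U -c 3 -I "$IFACE" "${a%/*}"
    done
    run logger -t hotstandby "primary $PEER_IP silent, took over $SHARED_IPS"
}
# Clean up when the primary returns: drop the aliases again.
release() {
    for a in $SHARED_IPS; do run ip addr del "$a" dev "$IFACE"; done
    run logger -t hotstandby "primary $PEER_IP back, released $SHARED_IPS"
}
# Poll loop, only when started with --watch (sourcing the file has no side effects).
if [ "${1:-}" = "--watch" ]; then
    state=standby; fails=0
    while :; do
        heartbeat; probe=$?
        set -- $(next_state "$state" "$fails" "$probe"); new=$1; fails=$2
        [ "$state" = standby ] && [ "$new" = active ] && takeover
        [ "$state" = active ] && [ "$new" = standby ] && release
        state=$new; sleep "$INTERVAL"
    done
fi
```

A cut link between the two boxes looks exactly like a dead primary to this probe, so both ends can end up claiming the same addresses; a second heartbeat path or a fencing step before `takeover` is the usual fix.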