Dear Sir, i want to use four lan card. eth0 --->ISP1, eth1---------->ISP2 , eth2--------> dmz ,eth3------------->loc zone. actually i want to implement multi isp failover.can i used four lan card shorewall firewall.basically i wil create four zone. eth0 from ISP1, eth1 fron second isp,eth2 from dmz zone and eth4 from local zone.
it is possible in shorewall firewall. plz tell me On 12/31/08, [email protected] < [email protected]> wrote: > > Send Shorewall-devel mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/shorewall-devel > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Shorewall-devel digest..." > > > Today's Topics: > > 1. Updated IPv6 Sample Configurations (Tom Eastep) > 2. Shorewall 4.2.4 RC2 (Tom Eastep) > 3. Shorewall 4.2.4 RC3 (Tom Eastep) > 4. Re: Shorewall 4.2.4 RC3 (Tom Eastep) > 5. feature request to ease failover (Natanael Copa) > 6. Re: feature request to ease failover (Tom Eastep) > 7. Re: feature request to ease failover (Tom Eastep) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sat, 20 Dec 2008 08:18:51 -0800 > From: Tom Eastep <[email protected]> > Subject: [Shorewall-devel] Updated IPv6 Sample Configurations > To: Shorewall Development <[email protected]>, > Shorewall Announcements <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > We have uploaded corrected sample configurations to: > > > http://www1.shorewall.net/pub/shorewall/development/4.2/Shorewall-4.2.4-RC1/Samples6 > > ftp://ftp1.shorewall.net/pub/shorewall/development/4.2/Shorewall-4.2.4-RC1/Samples6 > > These files will be available on the mirrors shortly and should be used > in place of the samples packaged with RC1. > > -Tom > -- > Tom Eastep \ The ultimate result of shielding men from the > Shoreline, \ effects of folly is to fill the world with fools. > Washington, USA \ -Herbert Spencer > http://shorewall.net \________________________________________________ > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 257 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 2 > Date: Mon, 22 Dec 2008 13:03:45 -0800 > From: Tom Eastep <[email protected]> > Subject: [Shorewall-devel] Shorewall 4.2.4 RC2 > To: Shorewall Announcements > <[email protected]>, Shorewall > Development > <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > RC2 is now available for testing. It corrects the same Shorewall-perl > problem that was corrected in 4.2.3.1 and includes a couple of > additional IPv6 fixes. See the release notes. > > -Tom > -- > Tom Eastep \ The ultimate result of shielding men from the > Shoreline, \ effects of folly is to fill the world with fools. > Washington, USA \ -Herbert Spencer > http://shorewall.net \________________________________________________ > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 257 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 3 > Date: Sun, 28 Dec 2008 12:09:17 -0800 > From: Tom Eastep <[email protected]> > Subject: [Shorewall-devel] Shorewall 4.2.4 RC3 > To: Shorewall Development <[email protected]>, > Shorewall Announcements <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > RC3 is now available for testing: > > http://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.4-RC2/ > ftp://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.4-RC2/ > > -Tom > -- > Tom Eastep \ The ultimate result of shielding men from the > Shoreline, \ effects of folly is to fill the world with fools. > Washington, USA \ -Herbert Spencer > http://shorewall.net \________________________________________________ > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 257 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 4 > Date: Mon, 29 Dec 2008 16:25:20 -0800 > From: Tom Eastep <[email protected]> > Subject: Re: [Shorewall-devel] Shorewall 4.2.4 RC3 > To: [email protected] > Cc: Shorewall Announcements <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > Tom Eastep wrote: > > RC3 is now available for testing: > > > > > http://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.4-RC2/ > > > ftp://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.4-RC2/ > > Hmmm -- I just noticed that the url's are wrong. Should be: > > http://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.4-RC3/ > ftp://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.4-RC3/ > > -Tom > -- > Tom Eastep \ The ultimate result of shielding men from the > Shoreline, \ effects of folly is to fill the world with fools. > Washington, USA \ -Herbert Spencer > http://shorewall.net \________________________________________________ > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 257 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 5 > Date: Wed, 31 Dec 2008 10:47:46 +0100 > From: Natanael Copa <[email protected]> > Subject: [Shorewall-devel] feature request to ease failover > To: [email protected] > Message-ID: <1230716866.7505.8.ca...@nc> > Content-Type: text/plain > > Hi, > > I started on writing a ping daemon for multi ISP setups. It pings > routers to monitor if isp is available or not. When status of an ISP > change it executes a configurable command. > > Now, to do a proper failover it might be needed to delete/add default > gateways. This might confuse shorewall with the multiisp setup. > > So, what would be *really* neat is a shorewall command to indicate the > status of an isp. For example > > shorewall provider ISP1 down > > will tell shorewall that ISP1 (defined in providers) is down and remove > that route. On restart it should not be confused if route is not there. > > and the corresponding: > > shorewall provider ISP1 up > > will tell shorewall that the ISP is available again and do the necessary > magic. Prefferible without recompiling the rules. > > What would be needed to get something like that working in shorewall? > > Other ideas on how to implement proper ISP failover with shorewall? > > -nc > > > > > ------------------------------ > > Message: 6 > Date: Wed, 31 Dec 2008 07:50:54 -0800 > From: Tom Eastep <[email protected]> > Subject: Re: [Shorewall-devel] feature request to ease failover > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > Natanael Copa wrote: > > > > > Other ideas on how to implement proper ISP failover with shorewall? > > > > Make all of your providers 'optional' -- then all you need to do is > 'shorewall restart'. In fact, you can use 'shorewall -f restart' if you > are running a recent enough version of Shorewall; that skips the > compilation phase. > > -Tom > -- > Tom Eastep \ The ultimate result of shielding men from the > Shoreline, \ effects of folly is to fill the world with fools. > Washington, USA \ -Herbert Spencer > http://shorewall.net \________________________________________________ > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 257 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 7 > Date: Wed, 31 Dec 2008 08:26:27 -0800 > From: Tom Eastep <[email protected]> > Subject: Re: [Shorewall-devel] feature request to ease failover > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > Tom Eastep wrote: > > Natanael Copa wrote: > > > >> Other ideas on how to implement proper ISP failover with shorewall? > >> > > > > Make all of your providers 'optional' -- then all you need to do is > > 'shorewall restart'. > > Also take note of the 'isusable' extension script -- that script can be > used to extend Shorewall's method of determining if an interface is up > or down. > > -Tom > -- > Tom Eastep \ The ultimate result of shielding men from the > Shoreline, \ effects of folly is to fill the world with fools. > Washington, USA \ -Herbert Spencer > http://shorewall.net \________________________________________________ > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 257 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > > ------------------------------------------------------------------------------ > > > ------------------------------ > > _______________________________________________ > Shorewall-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-devel > > > End of Shorewall-devel Digest, Vol 30, Issue 8 > ********************************************** > -- Shyam Kumar Verma System Administrator-IT Indo Asian Fusegear Ltd. Mobile No.9313107313
------------------------------------------------------------------------------
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
