On Fri, 2007-08-24 at 12:20 +1000, James Gray wrote: > > > "Nearly 100%"...yes. Try up-selling that to management who wont even > give me 15 minutes of downtime on a weekend :P >
If your management demands that level of up-time then they surely must provide you with one or more test firewalls where you can verify new software releases in a semi-live environment. And even if the misers don't do that for you, you are running Shorewall 3.4; so you can: shorewall compile <configuration> <firewall-a> #under shorewall 3.4 and shorewall compile <configuration> <firewall-b> #under shorewall 4.0 then: diff -au <firewall-a> <firewall-b> This firewall stuff really isn't as complicated as brain surgery.... -Tom (who has worked in the ultra high-availability market sector since 1980). -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
