Dear list,
Our tomcat cluster is working on our DMZ, and we would like to protect the
individual nodes with Shorewall.
Tomcat clustering uses multicast on the LAN for nodes to advertise that they
are running and to join a cluster. Here are two packets from two nodes at
192.168.200.11+17 captured by tcpdump:
19:53:00.695849 IP 192.168.200.11 > 224.0.0.22: igmp v3 report, 1 group
record(s)
19:53:02.693806 IP 192.168.200.11.45564 > 228.0.0.4.45564: UDP, length 52
19:53:02.696124 IP 192.168.200.17.45564 > 228.0.0.4.45564: UDP, length 52
The first type of packet is seemingly only transmitted for some time after
tomcat is first started.
The second type of packet is transmitted once a second from each node as
long as the cluster is running.
There's a MULTICAST switch for shorewall.conf and a destonly flag for the
shorewall-hosts file. I understand these are for outgoing packets. What
kind of configuration should there be to allow the above types of incoming
packets?
Thanks.
John
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
