On Tue, 2011-06-28 at 07:21 -0400, Ryan on the Beach wrote:
> I have the OpenWRT system working, but there is one issue to hammer
> out. My main or primary firewall is the default gateway for all my
> systems. This is something I don't want to change. I am trying to do
> reverse masq so that I can leave my setup my gateway as is on my
> systems in the internal network. I recall doing this years ago with
> Shorewall but cannot remember how I accomplished it.
>
>
> Does anyone have any idea how this might be done? I thought it might
> be with source nat but after reading the documentation and trying a
> few things I have not been able to make it work.
This requires:
* Detecting the failure of the primary firewall. This is done
using the exchange of "I'm alive" messages and there are
daemon's for that.
* Upon failure, reconfigure the internal NIC's IP address (and
optionally its MAC address) to match the primary's.
It doesn't really involve Shorewall.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
