On 05/18/2012 01:02 PM, Mike Lander wrote: >>> >>> Yes I knew not good to go, (still scratching head) >>> lsm 0.130-1 >>> lsm.conf >>> # >>> # (C) 2009 Mika Ilmaranta<[email protected]> >>> # >>> # License: GPLv2 >>> # >>> >>> # >>> # Debug level: 0 .. 8 are normal, 9 gives lots of stuff and 100 > doesn't >>> # bother to detach >>> # >>> #debug=10 >>> debug=9 >>> #debug=8 >>> >>> # >>> # Defaults for the connection entries >>> # >>> defaults { >>> name=defaults >>> checkip=127.0.0.1 >>> eventscript=/etc/lsm/script >>> notifyscript= >>> max_packet_loss=15 >>> max_successive_pkts_lost=7 >>> min_packet_loss=5 >>> min_successive_pkts_rcvd=10 >>> interval_ms=1000 >>> timeout_ms=1000 >>> [email protected] >>> check_arp=0 >>> sourceip= >>> # if using ping probes for monitoring only then defaults should >>> # not define a default device for packets to autodiscover their path >>> # to destination >>> # device=eth0 >>> # use system default ttl >>> ttl=0 >>> # assume initial up state at lsm startup (1 = up, 0 = down, 2 = > unknown >>> (default)) >>> # status=1 >>> } >>> >>> # >>> # Some example connections are found in lsm.conf.sample >>> # >>> include /etc/lsm/shorewall.conf >> >> Sorry -- also need to see that file. >> >> -Tom >> -- > shorewall.conf in lsm directory > > connection { > name=Rea > checkip=4.2.2.2 > device=eth0 > ttl=64 > } > > connection { > name=Com > checkip=4.2.2.1 > device=eth1 > ttl=64 > } > Mike
Okay. You need to use your distribution's network configuration facilities to add a route to 4.2.2.2/32 via the default gateway on eth0 and a route to 4.2.2.1/32 via the default gateway on eth1. It's important that traffic to the 'checkip' address be routed out of the correct interface even when that interface is unusable. That's the only way that LSM can determine when the interface comes back up. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
