On 30/01/2008, Alex Samad <[EMAIL PROTECTED]> wrote: > > On Wed, Jan 30, 2008 at 11:49:50AM +1100, Greg Cockburn wrote: > > Hi all, > > > > I want to know if it is possible to share/track TCP/VPN(IPSEC)/NAT > > connections between 2 Linux hosts. > > > > At home I have a great Firewall. It runs LEAF Bering uClibc 3.X / > OPENSWAN > > / OPENVPN. It is great. > > > > At work I have 2 Cisco PIX running in a failover mode Active/Passive, > and > > those pix share VPN, TCP and NAT information, so that when > > they failover from the active to the passive node, no one notices. > > > > Is this possible to do in Linux? > I believe the netfilter guys have just recently released something to > allow for > the sharing of connection information between 2 linux box for HA of linux > firewall's > > check outthe netfilter web site > Alex,
good thinking! This looks like it: http://people.netfilter.org/pablo/conntrack-tools/testcase.html Thanks, Greg. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
