RE: [leaf-user] LEAF Bering- DSL with Modem fallback

[Richard Amerman]

I appreciate the reply Tom!

 

You have just caught me digging through your Shorewall site in search of hints on this 
very topic.  I have also just downloaded the Shorewall 1.3.1 lrp and was about to send 
a message to the LEAF list to see if anyone had tried using this version with the most 
recent Bering.

 

The reason I had not assumed that using the two external interfaces either 
simultaneously or in failover was automatically possible with Shorewall was due to a 
series of messages from the LEAF list archive that seemed to indicated (always with 
Dachstein or some other LEAF than Bering that use ipchains) the firewall part of this 
puzzle was either not do-able or problematic.  Sense I am fairly new to LEAF and 
Shorewall, I wanted to find information to build my confidence that this was possible 
before digging in too deep.

 

I must say I am becoming addicted to both the prospects my experiences to date of both 
LEAF Bering and Shorewall.  Coming from a Cisco PIX background this is refreshing!

 

Richard

        -----Original Message----- 
        From: Tom Eastep [mailto:[EMAIL PROTECTED]] 
        Sent: Fri 6/7/2002 11:07 AM 
        To: Richard Amerman 
        Cc: [EMAIL PROTECTED] 
        Subject: RE: [leaf-user] LEAF Bering- DSL with Modem fallback
        
        

        On Fri, 7 Jun 2002, Richard Amerman wrote:
        
        > I have been combing the list archive for info and it seems clear the
        > configuring at least Dachstein or other than Bering with two active
        > external interfaces is indeed a daunting task.  Getting the two
        > interfaces to work looks fairly easy, it is then all about the firewall.
        >
        > 
        >
        > A fairly inelegant way of accomplishing this seems to be a second set of
        > configuration files for the backup interface, some file replacement by
        > the script, and restarting shorewall.
        >
        
        Why don't you just define two external interaces to Shorewall to start
        with? There should be no need to restart it.
        
        -Tom
        --
        Tom Eastep    \ Shorewall - iptables made easy
        AIM: tmeastep  \ http://www.shorewall.net
        ICQ: #60745924  \ [EMAIL PROTECTED]
        
        

��+,���M�������e�ƭ���z������*'}�ޝǀ���nv�)�j�^��!���ׯr�즸���,r��i��w^���柺ǫ����x%��ey�����l���q���z�m��?�X���(��~��zw��X�����b��?�柺ǫI@Bm���y�鮈�r�+��no�hs�hrf�j�����|�Xm�