Re: [CentOS] conntrack-tools and Session syncing

2008-08-13 Thread Dirk H. Schulz
Hello Nataraj, --On 12. August 2008 22:56:48 -0700 Nataraj <[EMAIL PROTECTED]> wrote: On Sun, 2008-08-10 at 20:28 +0200, Dirk H. Schulz wrote: - snip - The setup works - using "conntrackd -e" I can see the connection table entries the other router's conntrackd has synchronized. What I canno

Re: [CentOS] conntrack-tools and Session syncing

2008-08-12 Thread Nataraj
On Sun, 2008-08-10 at 20:28 +0200, Dirk H. Schulz wrote: > Hi Robert, > > --On 10. August 2008 13:56:22 -0400 Robert Spangler > <[EMAIL PROTECTED]> wrote: > > - snip - > > > OK, I don't know this tool you are using to sync the conntracking of all > > the firewalls. Could you post a link to it?

Re: [CentOS] conntrack-tools and Session syncing

2008-08-10 Thread Dirk H. Schulz
Hi Robert, --On 10. August 2008 13:56:22 -0400 Robert Spangler <[EMAIL PROTECTED]> wrote: - snip - OK, I don't know this tool you are using to sync the conntracking of all the firewalls. Could you post a link to it? Yes, of course:

Re: [CentOS] conntrack-tools and Session syncing

2008-08-10 Thread Robert Spangler
On Sunday 10 August 2008 11:03, Dirk H. Schulz wrote: > >> That works as expected. If e.g. I ping from an inside server to > >> somewhere outside, ICMP request leaves via router2, the answer comes > >> back via router1. conntrack -e on router1 shows this session (as > >> unreplied), BUT th

Re: [CentOS] conntrack-tools and Session syncing

2008-08-10 Thread Dirk H. Schulz
Hi Robert, --On 10. August 2008 10:04:37 -0400 Robert Spangler <[EMAIL PROTECTED]> wrote: On Sunday 10 August 2008 08:36, Dirk H. Schulz wrote: That works as expected. If e.g. I ping from an inside server to somewhere outside, ICMP request leaves via router2, the answer comes back via ro

Re: [CentOS] conntrack-tools and Session syncing

2008-08-10 Thread Robert Spangler
On Sunday 10 August 2008 08:36, Dirk H. Schulz wrote: > That works as expected. If e.g. I ping from an inside server to somewhere > outside, ICMP request leaves via router2, the answer comes back via > router1. conntrack -e on router1 shows this session (as unreplied), BUT > the firewall blocks

[CentOS] conntrack-tools and Session syncing

2008-08-10 Thread Dirk H. Schulz
Hi folks, I have 2 firewalls, set up with CentOS 5.2. They are also routers, connected to 2 upstream routers. I have some cases where connections from servers to the internet leave my network via router2 and answers come back via router1. So I added conntrack tools to both routers/firewalls t