Hi folks!
I've been working with HA firewall cluster for a while and I always
found that all solutions for having the same iptables rules in all
nodes of the cluster are weak.
So I wrote a wrapper for ip{set|tables|6tables} that launches the rule
locally and then, througth a SSH conection, to other previously
configured nodes.
I hope you give me some review of the idea.
The code:
https://github.com/aborrero/iptables-cluster
DEB package:
https://github.com/downloads/aborrero/iptables-cluster/iptables-cluster_0.1-1_all.deb
Some more explanation (in spanish):
http://ral-arturo.blogspot.com.es/2012/05/iptables-cluster-sincronizacion-de.html
I'm using it, with good results.
Best regards.
--
/* Arturo Borrero Gonzalez || cer.inet@linuxmail.org */
/* Use debian gnu/linux! Best OS ever! */
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/CAPfcJattRzw6R82hJa7QM9KhjHjLB71qLeauo+Xo=3YtqHYzdw@mail.gmail.com
No comments:
Post a Comment