Hi all Sorry of my english, hope you understand :) My Shorewall is runnig just fine, and problem with local access to dmz is solved (another mail to list, another day..) I have a setup with heardbeat on http server, and now i want to get on my firewall as well. I just want to know if any have tried that, and get it to work ? Please have a nice day :) Kim --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003
I have a full working heartbeat+shorewall in my oorganization. Two linux boxes are heartbeated via a serial line (I''m lazy boy... I don''t have a double heatbeat line here... but you sholud have ;-) One box is a perfect clone of the other one, except for hostname and stuff like that. The configuration process was quite easy. Have shorewall full functioning on both boxes. Configure heartbeat to bring up interfaces and networking just before starting shorewall . That''s it. I have heartbeat with nice fallback on and a script that inform me that heartbeat switched. andrea> -----Original Message----- > From: shorewall-users-bounces@lists.shorewall.net > [mailto:shorewall-users-bounces@lists.shorewall.net]On Behalf Of Kim > Christensen > Sent: gioved? 21 agosto 2003 22.18 > To: shorewall-users@lists.shorewall.net > Subject: [Shorewall-users] Shorewall with headbeat ? > > > Hi all > Sorry of my english, hope you understand :) > > My Shorewall is runnig just fine, and problem with local access to dmz is > solved (another mail to list, another day..) > > I have a setup with heardbeat on http server, and now i want to get on my > firewall as well. > > I just want to know if any have tried that, and get it to work ? > > Please have a nice day :) > > Kim > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003 > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >
Great :) Thanks *s* "I have heartbeat with nice fallback on and a script that inform me that heartbeat switched" My i have a look at your script ? Kim -----Oprindelig meddelelse----- Fra: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net]P? vegne af Andrea Tassinari Sendt: 21. august 2003 04:55 Til: shorewall-users@lists.shorewall.net Emne: RE: [Shorewall-users] Shorewall with headbeat ? I have a full working heartbeat+shorewall in my oorganization. Two linux boxes are heartbeated via a serial line (I''m lazy boy... I don''t have a double heatbeat line here... but you sholud have ;-) One box is a perfect clone of the other one, except for hostname and stuff like that. The configuration process was quite easy. Have shorewall full functioning on both boxes. Configure heartbeat to bring up interfaces and networking just before starting shorewall . That''s it. I have heartbeat with nice fallback on and a script that inform me that heartbeat switched. andrea> -----Original Message----- > From: shorewall-users-bounces@lists.shorewall.net > [mailto:shorewall-users-bounces@lists.shorewall.net]On Behalf Of Kim > Christensen > Sent: gioved? 21 agosto 2003 22.18 > To: shorewall-users@lists.shorewall.net > Subject: [Shorewall-users] Shorewall with headbeat ? > > > Hi all > Sorry of my english, hope you understand :) > > My Shorewall is runnig just fine, and problem with local access to dmz is > solved (another mail to list, another day..) > > I have a setup with heardbeat on http server, and now i want to get on my > firewall as well. > > I just want to know if any have tried that, and get it to work ? > > Please have a nice day :) > > Kim > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003 > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >_______________________________________________ Shorewall-users mailing list Post: Shorewall-users@lists.shorewall.net Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users Support: http://www.shorewall.net/support.htm FAQ: http://www.shorewall.net/FAQ.htm --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003
Sure! As soon as i can (i''m out of office and I have no ssh on my firewalls) I will tar all my heartbeat configuration files. I''ve patched a couple of heartbeat scripts (I can''t remember actually if this was for my firewalls or just for my application servers, sorry) to fit my needs. What i can remember now is that i wipped out sendmail (I hate this piece of software) and i replaced mail program with a pure smtp one. tomorrow I wil send you my files. If anyone else is interested... andrea> -----Original Message----- > From: Kim Christensen [mailto:kim@cybercode.dk] > Sent: gioved? 21 agosto 2003 23.35 > To: andrea.tassinari@i-mconsulting.com; > shorewall-users@lists.shorewall.net > Subject: SV: [Shorewall-users] Shorewall with headbeat ? > > > Great :) > > Thanks *s* > > "I have heartbeat with nice fallback > on and a script that inform me that heartbeat switched" > > My i have a look at your script ? > > Kim > > -----Oprindelig meddelelse----- > Fra: shorewall-users-bounces@lists.shorewall.net > [mailto:shorewall-users-bounces@lists.shorewall.net]P? vegne af Andrea > Tassinari > Sendt: 21. august 2003 04:55 > Til: shorewall-users@lists.shorewall.net > Emne: RE: [Shorewall-users] Shorewall with headbeat ? > > > I have a full working heartbeat+shorewall in my oorganization. > Two linux boxes are heartbeated via a serial line (I''m lazy boy... I don''t > have a double heatbeat line here... but you sholud have ;-) One box is a > perfect clone of the other one, except for hostname and stuff like that. > > The configuration process was quite easy. Have shorewall full > functioning on > both boxes. Configure heartbeat to bring up interfaces and networking just > before starting shorewall . That''s it. I have heartbeat with nice fallback > on and a script that inform me that heartbeat switched. > > andrea > > > -----Original Message----- > > From: shorewall-users-bounces@lists.shorewall.net > > [mailto:shorewall-users-bounces@lists.shorewall.net]On Behalf Of Kim > > Christensen > > Sent: gioved? 21 agosto 2003 22.18 > > To: shorewall-users@lists.shorewall.net > > Subject: [Shorewall-users] Shorewall with headbeat ? > > > > > > Hi all > > Sorry of my english, hope you understand :) > > > > My Shorewall is runnig just fine, and problem with local access > to dmz is > > solved (another mail to list, another day..) > > > > I have a setup with heardbeat on http server, and now i want to > get on my > > firewall as well. > > > > I just want to know if any have tried that, and get it to work ? > > > > Please have a nice day :) > > > > Kim > > --- > > Outgoing mail is certified Virus Free. > > Checked by AVG anti-virus system (http://www.grisoft.com). > > Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003 > > > > _______________________________________________ > > Shorewall-users mailing list > > Post: Shorewall-users@lists.shorewall.net > > Subscribe/Unsubscribe: > > http://lists.shorewall.net/mailman/listinfo/shorewall-users > > Support: http://www.shorewall.net/support.htm > > FAQ: http://www.shorewall.net/FAQ.htm > > > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003 > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.511 / Virus Database: 308 - Release Date: 18-08-2003 > >
On Thu, 2003-08-21 at 08:57, Andrea Tassinari wrote:> Sure! > > As soon as i can (i''m out of office and I have no ssh on my firewalls) I > will tar all my heartbeat configuration files. I''ve patched a couple of > heartbeat scripts (I can''t remember actually if this was for my firewalls or > just for my application servers, sorry) to fit my needs. What i can remember > now is that i wipped out sendmail (I hate this piece of software) and i > replaced mail program with a pure smtp one. > > tomorrow I wil send you my files. If anyone else is interested... > > andreaI''ll second that request. I set out on that project some time ago here at work but as a sysadmin I get pulled into other projects, thus I never got to complete it. I also have many folks writing me regarding my previous threads on this subject ;-) The new heartbeat is nice since it a) brings up interfaces first and b) works well with your existing init scripts. Tom was also nice enough to ad the notnewsyn variable. The system should work very nice I''m certain. Thanks for the configs, I look forward to reviewing them. Maybe we can work on a howto for Tom? -P