Displaying 20 results from an estimated 60000 matches similar to: "Shorewall and keepalived"
2005 Mar 15
2
shorewall restart with keepalived (redundant firewalls)
Hello,
First , thanks to Tom for it''s great job ! Netfilter is really easy
and powerfull with shorewall.
So, I have configured two firewalls whith shorewall using keepalived
for the redundant VRRP stuff.
FW-a is MASTER and FW-b is BACKUP.
Everything works correctly and FW-b upgrade to MASTER when FW-a is
down or disconnected. FW-b downgrade to BACKUP when FW-a comes back.
But when I
2003 Oct 29
5
shorewall question
I am currently using shorewall on leaf-bering. I have set it up with
keepalived to create a high availabilty firewall cluster. I have an odd
question in regards to shorewall. Currently in production I have
keepalived controlling shorewall starts and stops. If I remove this and
leave shorewall running on the backup firewall, will I run into any
problems with having the nat tables built out and
2015 Sep 29
3
Keepalived vrrp problem
Hey guys,
I'm trying to install keepalived 1.2.19 on a centos 6.5 machine. I did an
install from source.
And when I start keepalived this is what I'm seeing in the logs. It's
reporting that the VRRP_Instance(VI_1) Now in FAULT state.
Here's more of that log entry:
Sep 29 12:06:58 USECLSNDMNRDBA Keepalived_vrrp[44943]: VRRP Instance = VI_1
Sep 29 12:06:58 USECLSNDMNRDBA
2011 May 18
0
Can't build Keepalived 1.2.1 on CentOS-4
Hello,
I get this error when trying to build Keepalived 1.2.1 on a CentOS-4 box:
# gcc -g -O2 (..) -D_WITH_LVS_ -D_WITH_VRRP_ -c smtp.c
In file included from ../include/vrrp.h:31,
from ../include/smtp.h:34,
from smtp.c:27:
*../include/vrrp_ipaddress.h:32:27: linux/if_addr.h: No such file or directory*
In file included from ../include/vrrp.h:31,
2017 Sep 17
0
keepalived segfault after upgrade to 7.4
Prior to upgrading to CentOS 7.4 everything was fine, after upgrade I'm
seeing
/etc/keepalived# keepalived -f /etc/keepalived/keepalived.conf --dont-fork
--log-console --log-detail --dump-conf -m -v
Starting VRRP child process, pid=17224
Registering Kernel netlink reflector
Registering Kernel netlink command channel
Registering gratuitous ARP shared channel
Opening file
2003 Mar 04
7
New Firewall setup recommendations?
Hello all.
I''m about to set up a new firewall on an old 400 MHz K6-2 machine. What
is the recommended, or most common way to go about it?
I was thinking of doing a MINIMUM install of RedHat 8 (the option where
they actually say "used for setting up things like firewalls") and then
installing shorewall on top of that. Would this leave me with anything
crucial missing in my
2007 Jun 14
1
Conntrackd and shorewall
Hi,
I´m trying use conntrackd, shorewall and keepalived.
Conntrackd (now know as conntrack-tools) is working ok, keepalived
too, but i don´t know how to put some iptables rules in shorewall.
eth0 is the local area (192.168.0.0/24)
eth1 is the net area (192.168.1.0/24)
[1] iptables -P FORWARD DROP
[2] iptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -
j ACCEPT
[3] iptables -A
2015 Sep 29
1
Keepalived vrrp problem
Em 29-09-2015 15:03, Gordon Messmer escreveu:
> On 09/29/2015 09:14 AM, Tim Dunphy wrote:
>> And if I do an ifconfig command I see no evidence of an eth1 existing.
>
> "ifconfig -a" will show you all of your interfaces.
Maybe there is a confusion here. Sounds like Tim thought keepalived
would create that eth1, like a tunnel interface, but it won't. You have
to
2016 Mar 01
1
[Bug 1053] New: connection tracker integration issue
https://bugzilla.netfilter.org/show_bug.cgi?id=1053
Bug ID: 1053
Summary: connection tracker integration issue
Product: conntrack-tools
Version: unspecified
Hardware: i386
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: conntrack-daemon
Assignee:
2005 May 25
2
Firewall failover
Hi all,
We are investigating on firewall failover design. I have searched the
net and found that projects like LVS have it mostly solved for their
side but that netfilter lacks it.
Of course, a simple failover of the firewall is available using things
like VRRP (KeepAlive software) but without state syncronization, and
that is preciselly the part we need to investigate.
Is this issue
2009 Mar 14
0
shorewall, ucarp & conntrackd on debian
hi
i''ve not found many hints on shorewall/ucarp/conntrackd topic. i''m
sharing this with the list, so that i''m able to search and find it the
next time. :)
i''ve setup 2 identical systems with shorewall, ucarp and conntrackd in
an active/backup way. ucarp just calls ifup/ifdown, all network configuration
is maintained in /etc/network/interfaces (Debian),
2003 Oct 31
2
Running two shorewall processes.
When shorewall starts up does it completely flush any other iptables
rule sets or nat entries that are already in there?
Or
Can I run two instances of shorewall each loading a different set of
rules and a different set of IP addresses in the NAT table and have each
one only control what it adds?
2005 Jun 24
8
The Shorewall list server is back on line
There was a lengthy power failure here in Shoreline this morning and my
firewall did not come back up when power was restored. The firewall is
now up and service to the server has been restored.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \
2015 Sep 29
0
Keepalived vrrp problem
On 09/29/2015 09:14 AM, Tim Dunphy wrote:
> And if I do an ifconfig command I see no evidence of an eth1 existing.
"ifconfig -a" will show you all of your interfaces.
2015 Mar 19
0
CEEA-2015:0703 CentOS 6 keepalived Enhancement Update
CentOS Errata and Enhancement Advisory 2015:0703
Upstream details at : https://rhn.redhat.com/errata/RHEA-2015-0703.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
893386b534fbeda5a2f1702fab60cc087b037ece82635bb316c3e13fb5856e83 keepalived-1.2.13-5.el6_6.i686.rpm
x86_64:
2005 Feb 21
1
keepalived on centos 3.4
Is anyone successfully using dag's keepalived-1.1.10-1.1.el3.rf on
centos 3.4?
It's giving me some strange issues (LVS Topology never shows up, even
though I can manually set it w/ ipvsadm)
Attempting to rebuild it has been less than successful, as anyone who
tries will see in their appropriate BUILD/keepalived-1.1.10/config.log
and in the rpmbuild output. It complains about openssl
2003 Aug 12
1
Shorewall Keeps sending false IP Address Conflict
Dear All,
After installing Shorewall, on a router with 4 NIC, seems running ok.
Next day, when connecting from clients, (MS) we keep getting ip conflict for non-conflicting ip addresses.
Any help is appreciated.
Detals of Startup:
+ shift
+ nolock=
+ ''['' 1 -gt 1 '']''
+ trap ''my_mutex_off; exit 2'' 1 2 3 4 5 6 9
+ command=start
+
2014 Nov 12
0
Keepalived - spurious failovers
Hello,
We are using CentOS 6.6 and keepalived 1.2.13 on two servers for
failover, no load-balancing. Failover is governed by the NIC being
present, and the Apache and Tomcat processes being present. Both servers
are configured as 'EQUAL' (not master/backup). An initial priority of
100 is set, and if a process or NIC fails, then this is reduced by 60 -
causing a lower priority to be seen
2017 May 26
0
CEBA-2017:1305 CentOS 7 keepalived BugFix Update
CentOS Errata and Bugfix Advisory 2017:1305
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1305.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
14c601eb6b4c0822d34a1d0b1feaca81c00f8dd95c1b4ea6a5dfd9d504185c25 keepalived-1.2.13-9.el7_3.x86_64.rpm
Source:
2019 Jul 31
0
CEBA-2019:1877 CentOS 7 keepalived BugFix Update
CentOS Errata and Bugfix Advisory 2019:1877
Upstream details at : https://access.redhat.com/errata/RHBA-2019:1877
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
259a12a1d3cd1c507dcfbd58d6d6fc63113a2e4ed7c1f5b061526d2426712b5c keepalived-1.3.5-8.el7_6.5.x86_64.rpm
Source: