Arturo Borrero Gonzalez
2012-05-11 09:08:45 UTC
Hi folks!
I've been working with HA firewall cluster for a while and I always
found that all solutions for having the same iptables rules in all
nodes of the cluster are weak.
So I wrote a wrapper for ip{set|tables|6tables} that launches the rule
locally and then, througth a SSH conection, to other previously
configured nodes.
I hope you give me some review of the idea.
The code:
https://github.com/aborrero/iptables-cluster
DEB package:
https://github.com/downloads/aborrero/iptables-cluster/iptables-cluster_0.1-1_all.deb
Some more explanation (in spanish):
http://ral-arturo.blogspot.com.es/2012/05/iptables-cluster-sincronizacion-de.html
I'm using it, with good results.
Best regards.
I've been working with HA firewall cluster for a while and I always
found that all solutions for having the same iptables rules in all
nodes of the cluster are weak.
So I wrote a wrapper for ip{set|tables|6tables} that launches the rule
locally and then, througth a SSH conection, to other previously
configured nodes.
I hope you give me some review of the idea.
The code:
https://github.com/aborrero/iptables-cluster
DEB package:
https://github.com/downloads/aborrero/iptables-cluster/iptables-cluster_0.1-1_all.deb
Some more explanation (in spanish):
http://ral-arturo.blogspot.com.es/2012/05/iptables-cluster-sincronizacion-de.html
I'm using it, with good results.
Best regards.
--
/* Arturo Borrero Gonzalez || ***@linuxmail.org */
/* Use debian gnu/linux! Best OS ever! */
/* Arturo Borrero Gonzalez || ***@linuxmail.org */
/* Use debian gnu/linux! Best OS ever! */