Hello shorewall users,
i'm currently trying to set up and redundant firewall with shorewall and
keepalived.
I have to use the providers file because i have multiple public ip adresses and
for every ip a different gateway and interface, so the traffic must be routed
back to the same interface (track option in providers) which worked fine in the
past with my standalone shorewall.
The problem at this point is, that the shorewall does not start or stop when
keepalived is in Backup state (Public IPs not bound, in /etc/network/interfaces
the public ip interfaces are defined as "inet manual") with this error message:
ERROR: Can't determine the IP address of eth3
I've tried a workaround which restarts the shorewall when keepalived notifies
the MASTER state but this also doesn't worked as expected because when the
keepalived notify script runs the ip is not completely bound which results in
the same error.
Does anyone have an idea how to fix that? Is that at all the best practice for
my case?
Thanks in advance!
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
