firewall 'stateful failover'

From: Mike Hoskins (mike@adept.org)
Date: 06/11/02 

Date: Mon, 10 Jun 2002 16:10:56 -0700 (PDT)
From: Mike Hoskins <mike@adept.org>
To: <security@freebsd.org>

Is there a way to handle the state table in ipfw/ipf? I could write
scripts to do 'failover', but I'm wandering if there's a way to 'share'
the state table between active and standby units or to pass the state
table from one firewall to another over a crossover.

I've briefly searched Google for 'BSD Firewall Failover', but didn't find
a whole lot. I'm looking for pointers to existing solutions, as well as
generalized ideas (about good ways to do this, if it hasn't been done
yet). Of course I ideally want pointers to opensource solutions... If
none exist, this could be a fun project. However, I find it hard to
believe this wheel hasn't already been carved out of stone.

Later,
-Mike 

--
"They that can give up essential liberty to obtain a little temporary
 safety deserve neither liberty nor safety."  --Benjamin Franklin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message