diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-03-13 14:00:59 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-03-13 14:00:59 +0100 |
commit | 41e8560ea7c09533d03f523380c1cb5c62d87261 (patch) | |
tree | 684fdff336751ef76b1527c8f9de6af968701b4c /doc/sync | |
parent | 338d8fc2da19f5d6a75c339d9e6ecac43b68a1e4 (diff) | |
download | conntrack-tools-41e8560ea7c09533d03f523380c1cb5c62d87261.tar.gz conntrack-tools-41e8560ea7c09533d03f523380c1cb5c62d87261.zip |
sync-mode: add unicast UDP support to propagate state-changes
This patch adds support for unicast UDP to the channel
infrastructure. With this patch, you can select UDP unicast to
propagate state-changes instead of multicast.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc/sync')
-rw-r--r-- | doc/sync/alarm/conntrackd.conf | 52 | ||||
-rw-r--r-- | doc/sync/ftfw/conntrackd.conf | 52 | ||||
-rw-r--r-- | doc/sync/notrack/conntrackd.conf | 52 |
3 files changed, 144 insertions, 12 deletions
diff --git a/doc/sync/alarm/conntrackd.conf b/doc/sync/alarm/conntrackd.conf index cefda00..9197db3 100644 --- a/doc/sync/alarm/conntrackd.conf +++ b/doc/sync/alarm/conntrackd.conf @@ -88,7 +88,7 @@ Sync { # of the sender buffer. The default size is usually around # ~100 KBytes which is fairly small for busy firewalls. # - McastSndSocketBuffer 1249280 + SndSocketBuffer 1249280 # The multicast receiver uses a buffer to enqueue the packets # that the socket is pending to handle. The default size of this @@ -100,7 +100,7 @@ Sync { # the receiver buffer. The default size is usually around # ~100 KBytes which is fairly small for busy firewalls. # - McastRcvSocketBuffer 1249280 + RcvSocketBuffer 1249280 # # Enable/Disable message checksumming. This is a good @@ -124,10 +124,54 @@ Sync { # Group 3781 # IPv4_interface 192.168.100.101 # Interface eth3 - # # McastSndSocketBuffer 1249280 - # # McastRcvSocketBuffer 1249280 + # # SndSocketBuffer 1249280 + # # RcvSocketBuffer 1249280 # Checksum on # } + + # + # You can use Unicast UDP instead of Multicast to propagate events. + # Note that you cannot use unicast UDP and Multicast at the same + # time, you can only select one. + # + # UDP { + # + # UDP address that this firewall uses to listen to events. + # + # IPv4_address 192.168.2.100 + + # + # Destination UDP address that receives events, ie. the other + # firewall's dedicated link address. + # + # IPv4_Destination_Address 192.168.2.101 + + # + # UDP port used + # + # Port 3780 + + # + # The name of the interface that you are going to use to + # send the synchronization messages. + # + # Interface eth2 + + # + # The sender socket buffer size + # + # SndSocketBuffer 1249280 + + # + # The receiver socket buffer size + # + # RcvSocketBuffer 1249280 + + # + # Enable/Disable message checksumming. + # + # Checksum on + # } } # diff --git a/doc/sync/ftfw/conntrackd.conf b/doc/sync/ftfw/conntrackd.conf index d7e4123..be78850 100644 --- a/doc/sync/ftfw/conntrackd.conf +++ b/doc/sync/ftfw/conntrackd.conf @@ -97,7 +97,7 @@ Sync { # of the sender buffer. The default size is usually around # ~100 KBytes which is fairly small for busy firewalls. # - McastSndSocketBuffer 1249280 + SndSocketBuffer 1249280 # The multicast receiver uses a buffer to enqueue the packets # that the socket is pending to handle. The default size of this @@ -109,7 +109,7 @@ Sync { # the receiver buffer. The default size is usually around # ~100 KBytes which is fairly small for busy firewalls. # - McastRcvSocketBuffer 1249280 + RcvSocketBuffer 1249280 # # Enable/Disable message checksumming. This is a good @@ -133,10 +133,54 @@ Sync { # Group 3781 # IPv4_interface 192.168.100.101 # Interface eth3 - # # McastSndSocketBuffer 1249280 - # # McastRcvSocketBuffer 1249280 + # # SndSocketBuffer 1249280 + # # RcvSocketBuffer 1249280 # Checksum on # } + + # + # You can use Unicast UDP instead of Multicast to propagate events. + # Note that you cannot use unicast UDP and Multicast at the same + # time, you can only select one. + # + # UDP { + # + # UDP address that this firewall uses to listen to events. + # + # IPv4_address 192.168.2.100 + + # + # Destination UDP address that receives events, ie. the other + # firewall's dedicated link address. + # + # IPv4_Destination_Address 192.168.2.101 + + # + # UDP port used + # + # Port 3780 + + # + # The name of the interface that you are going to use to + # send the synchronization messages. + # + # Interface eth2 + + # + # The sender socket buffer size + # + # SndSocketBuffer 1249280 + + # + # The receiver socket buffer size + # + # RcvSocketBuffer 1249280 + + # + # Enable/Disable message checksumming. + # + # Checksum on + # } } # diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf index 884d536..173eab5 100644 --- a/doc/sync/notrack/conntrackd.conf +++ b/doc/sync/notrack/conntrackd.conf @@ -76,7 +76,7 @@ Sync { # Note: This protocol is best effort, it is really recommended # to increase the buffer size. # - McastSndSocketBuffer 1249280 + SndSocketBuffer 1249280 # The multicast receiver uses a buffer to enqueue the packets # that the socket is pending to handle. The default size of this @@ -90,7 +90,7 @@ Sync { # Note: This protocol is best effort, it is really recommended # to increase the buffer size. # - McastRcvSocketBuffer 1249280 + RcvSocketBuffer 1249280 # # Enable/Disable message checksumming. This is a good @@ -114,10 +114,54 @@ Sync { # Group 3781 # IPv4_interface 192.168.100.101 # Interface eth3 - # # McastSndSocketBuffer 1249280 - # # McastRcvSocketBuffer 1249280 + # # SndSocketBuffer 1249280 + # # RcvSocketBuffer 1249280 # Checksum on # } + + # + # You can use Unicast UDP instead of Multicast to propagate events. + # Note that you cannot use unicast UDP and Multicast at the same + # time, you can only select one. + # + # UDP { + # + # UDP address that this firewall uses to listen to events. + # + # IPv4_address 192.168.2.100 + + # + # Destination UDP address that receives events, ie. the other + # firewall's dedicated link address. + # + # IPv4_Destination_Address 192.168.2.101 + + # + # UDP port used + # + # Port 3780 + + # + # The name of the interface that you are going to use to + # send the synchronization messages. + # + # Interface eth2 + + # + # The sender socket buffer size + # + # SndSocketBuffer 1249280 + + # + # The receiver socket buffer size + # + # RcvSocketBuffer 1249280 + + # + # Enable/Disable message checksumming. + # + # Checksum on + # } } # |