summaryrefslogtreecommitdiff
path: root/doc/sync
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-03-13 14:00:59 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2009-03-13 14:00:59 +0100
commit41e8560ea7c09533d03f523380c1cb5c62d87261 (patch)
tree684fdff336751ef76b1527c8f9de6af968701b4c /doc/sync
parent338d8fc2da19f5d6a75c339d9e6ecac43b68a1e4 (diff)
downloadconntrack-tools-41e8560ea7c09533d03f523380c1cb5c62d87261.tar.gz
conntrack-tools-41e8560ea7c09533d03f523380c1cb5c62d87261.zip
sync-mode: add unicast UDP support to propagate state-changes
This patch adds support for unicast UDP to the channel infrastructure. With this patch, you can select UDP unicast to propagate state-changes instead of multicast. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc/sync')
-rw-r--r--doc/sync/alarm/conntrackd.conf52
-rw-r--r--doc/sync/ftfw/conntrackd.conf52
-rw-r--r--doc/sync/notrack/conntrackd.conf52
3 files changed, 144 insertions, 12 deletions
diff --git a/doc/sync/alarm/conntrackd.conf b/doc/sync/alarm/conntrackd.conf
index cefda00..9197db3 100644
--- a/doc/sync/alarm/conntrackd.conf
+++ b/doc/sync/alarm/conntrackd.conf
@@ -88,7 +88,7 @@ Sync {
# of the sender buffer. The default size is usually around
# ~100 KBytes which is fairly small for busy firewalls.
#
- McastSndSocketBuffer 1249280
+ SndSocketBuffer 1249280
# The multicast receiver uses a buffer to enqueue the packets
# that the socket is pending to handle. The default size of this
@@ -100,7 +100,7 @@ Sync {
# the receiver buffer. The default size is usually around
# ~100 KBytes which is fairly small for busy firewalls.
#
- McastRcvSocketBuffer 1249280
+ RcvSocketBuffer 1249280
#
# Enable/Disable message checksumming. This is a good
@@ -124,10 +124,54 @@ Sync {
# Group 3781
# IPv4_interface 192.168.100.101
# Interface eth3
- # # McastSndSocketBuffer 1249280
- # # McastRcvSocketBuffer 1249280
+ # # SndSocketBuffer 1249280
+ # # RcvSocketBuffer 1249280
# Checksum on
# }
+
+ #
+ # You can use Unicast UDP instead of Multicast to propagate events.
+ # Note that you cannot use unicast UDP and Multicast at the same
+ # time, you can only select one.
+ #
+ # UDP {
+ #
+ # UDP address that this firewall uses to listen to events.
+ #
+ # IPv4_address 192.168.2.100
+
+ #
+ # Destination UDP address that receives events, ie. the other
+ # firewall's dedicated link address.
+ #
+ # IPv4_Destination_Address 192.168.2.101
+
+ #
+ # UDP port used
+ #
+ # Port 3780
+
+ #
+ # The name of the interface that you are going to use to
+ # send the synchronization messages.
+ #
+ # Interface eth2
+
+ #
+ # The sender socket buffer size
+ #
+ # SndSocketBuffer 1249280
+
+ #
+ # The receiver socket buffer size
+ #
+ # RcvSocketBuffer 1249280
+
+ #
+ # Enable/Disable message checksumming.
+ #
+ # Checksum on
+ # }
}
#
diff --git a/doc/sync/ftfw/conntrackd.conf b/doc/sync/ftfw/conntrackd.conf
index d7e4123..be78850 100644
--- a/doc/sync/ftfw/conntrackd.conf
+++ b/doc/sync/ftfw/conntrackd.conf
@@ -97,7 +97,7 @@ Sync {
# of the sender buffer. The default size is usually around
# ~100 KBytes which is fairly small for busy firewalls.
#
- McastSndSocketBuffer 1249280
+ SndSocketBuffer 1249280
# The multicast receiver uses a buffer to enqueue the packets
# that the socket is pending to handle. The default size of this
@@ -109,7 +109,7 @@ Sync {
# the receiver buffer. The default size is usually around
# ~100 KBytes which is fairly small for busy firewalls.
#
- McastRcvSocketBuffer 1249280
+ RcvSocketBuffer 1249280
#
# Enable/Disable message checksumming. This is a good
@@ -133,10 +133,54 @@ Sync {
# Group 3781
# IPv4_interface 192.168.100.101
# Interface eth3
- # # McastSndSocketBuffer 1249280
- # # McastRcvSocketBuffer 1249280
+ # # SndSocketBuffer 1249280
+ # # RcvSocketBuffer 1249280
# Checksum on
# }
+
+ #
+ # You can use Unicast UDP instead of Multicast to propagate events.
+ # Note that you cannot use unicast UDP and Multicast at the same
+ # time, you can only select one.
+ #
+ # UDP {
+ #
+ # UDP address that this firewall uses to listen to events.
+ #
+ # IPv4_address 192.168.2.100
+
+ #
+ # Destination UDP address that receives events, ie. the other
+ # firewall's dedicated link address.
+ #
+ # IPv4_Destination_Address 192.168.2.101
+
+ #
+ # UDP port used
+ #
+ # Port 3780
+
+ #
+ # The name of the interface that you are going to use to
+ # send the synchronization messages.
+ #
+ # Interface eth2
+
+ #
+ # The sender socket buffer size
+ #
+ # SndSocketBuffer 1249280
+
+ #
+ # The receiver socket buffer size
+ #
+ # RcvSocketBuffer 1249280
+
+ #
+ # Enable/Disable message checksumming.
+ #
+ # Checksum on
+ # }
}
#
diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf
index 884d536..173eab5 100644
--- a/doc/sync/notrack/conntrackd.conf
+++ b/doc/sync/notrack/conntrackd.conf
@@ -76,7 +76,7 @@ Sync {
# Note: This protocol is best effort, it is really recommended
# to increase the buffer size.
#
- McastSndSocketBuffer 1249280
+ SndSocketBuffer 1249280
# The multicast receiver uses a buffer to enqueue the packets
# that the socket is pending to handle. The default size of this
@@ -90,7 +90,7 @@ Sync {
# Note: This protocol is best effort, it is really recommended
# to increase the buffer size.
#
- McastRcvSocketBuffer 1249280
+ RcvSocketBuffer 1249280
#
# Enable/Disable message checksumming. This is a good
@@ -114,10 +114,54 @@ Sync {
# Group 3781
# IPv4_interface 192.168.100.101
# Interface eth3
- # # McastSndSocketBuffer 1249280
- # # McastRcvSocketBuffer 1249280
+ # # SndSocketBuffer 1249280
+ # # RcvSocketBuffer 1249280
# Checksum on
# }
+
+ #
+ # You can use Unicast UDP instead of Multicast to propagate events.
+ # Note that you cannot use unicast UDP and Multicast at the same
+ # time, you can only select one.
+ #
+ # UDP {
+ #
+ # UDP address that this firewall uses to listen to events.
+ #
+ # IPv4_address 192.168.2.100
+
+ #
+ # Destination UDP address that receives events, ie. the other
+ # firewall's dedicated link address.
+ #
+ # IPv4_Destination_Address 192.168.2.101
+
+ #
+ # UDP port used
+ #
+ # Port 3780
+
+ #
+ # The name of the interface that you are going to use to
+ # send the synchronization messages.
+ #
+ # Interface eth2
+
+ #
+ # The sender socket buffer size
+ #
+ # SndSocketBuffer 1249280
+
+ #
+ # The receiver socket buffer size
+ #
+ # RcvSocketBuffer 1249280
+
+ #
+ # Enable/Disable message checksumming.
+ #
+ # Checksum on
+ # }
}
#