[ previous ] [ next ] [ threads ]
 
 From:  "Tonix (Antonio Nati)" <tonix at interazioni dot it>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  CARP and OUT rules
 Date:  Wed, 07 Sep 2011 14:19:42 +0200 
I ask again for two features which would semplify enourmously usage of 
monowall in larger networks.

CARP

    It would be fine just to have CARP, with no additional features: if
    a box goes down, another one takes the job. It would not be
    important to mantain states, as this would be an extreme situation
    to manage, where people can restart connections without problems.

OUT rules

    Possibility to choose if all rules apply to incoming or outgoing
    connections:
    If incoming, rules would apply as now. Now, with more interfaces, we
    are forced to write same rules on all interfaces, in order to
    protect services.
    If outgoing, rules would be applied on outgoing interface. This
    would semplify management of more interfaces, because rules would be
    written only once and only on outgoing interface.
    As alternative, mantaining actual incoming rules, it would be nice
    to have one PRE-RULES panel which rules would be applied to any
    interface, before interface local rules.

Regards,

Tonino

-- 
------------------------------------------------------------
         Inter@zioni            Interazioni di Antonio Nati
    http://www.interazioni.it      tonix at interazioni dot it
------------------------------------------------------------