[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pfsync

Quoting Daniel Hartmeier <[email protected]>:
> Mickey (rather silently ;) commited his pfsync to -current yesterday,
> and you might find this useful for a number of things. It's a pseudo
> device similar to pflog, but instead of logged packets, state table
> changes are sent there. Example: 
> ...
> I remember several people have asked about ways to gather statistics
> on connection level (without having to count/sum packets), and pfsync
> can help do that (though there are bigger plans for it, too ;).
All you would need is a daemon listening on another machine with the pfsync
interface sent to it and you would have a failover/loadbalancing firewall setup,
no?  Sync state across multiple firewalls?
Brent Graveland
[email protected]