here is a followup to the discussion.
I have gone over the suggestions that Michael made back in June and
implemented most of them. New packages (v3.1.0 build 1187) are on
the server, ready for download.
Please test and let me know if I forgot something.
Here is a summary of changes:
- interface types for the interfaces of the cluster object have been
deprecated. In fact, cluster interface objects have no attributes at
all except for the name and comment and child objects for the member
groups and addresses. Cluster interfaces are pure abstraction, they
are there only to represent corresponding interface of the member
firewall.
- cluster interface can have name "lo" or "lo0" with address
127.0.0.1 or ::1, in which case it is recognized as loopback and
mapped to the loopback interface of the member firewall during compile
- failover protocol is configured in the member group object (a
child of an interface of a cluster). All parameters for the failover
protocol are also configured in the same object.
- for the heartbeat failover protocol cluster interfaces should have
names "eth0", "eth1"
- for the vrrp failover protocol cluster interfaces should have
names "vrrp0", "vrrp1" etc. The program adds policy rules to permit
VRRP if this protocol is used.
- for carp failover protocol names should be "carp0", "carp1" etc.
The program also adds policy rules to permit CARP if this protocol is
used.
- lists of state sync and failover protocols in all drop-down GUI
elements are limited to those supported by chosen host OS
- policy compilers abort if they encounter unsupported state sync or
failover protocol type for given host OS setting (this can happen if
you try to migrate the cluster from one OS to another and compile mid-
way)
- "new cluster" wizard has been improved to not assume failover
protocol is always VRRP. It now offers a choice of protocols.
- Cluster objects moved to a dedicated folder at the top level, next
to "Firewalls"
- the way the program works with bridging has changed. Instead of
the checkbox "bridge port" a subinterface is now used. The program
shows a dialog with more details on this on start-up. This requires
manual changes in the objects, it could not be automated.
- support for the configuration of bonding interfaces for host os
"Linux"
- the program automatically uses proper parameters for the vconfig
command depending on the choice of the vlan interface name
- it is possible to configure a bonding interface and then have vlan
subinterfaces under it
- new icons set, including icons for the new objects Cluster, state
sync and failover groups.
--vk
------------------------------------------------------------------------------
_______________________________________________
Fwbuilder-discussion mailing list
Fwbuilder-discussion@...
https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion
