|
> The problem is that now that LVS is a netfilter module,
> it was not possible to write it in the netfilter format,
> and so there are collisions between LVS rules and netfilter
> rules.
ahh.
> The specs for LVS never included it being a firewall as well.
> That was just too hard.
>
> http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO.
filter_rules.html#firewall_on_director
Is this now included in the latest code versions, 2.4.20 + 1.0.7 (?) ? It
seems like this is a lot of revisions later. The howto mentions code
integration as being possible?
> However while any arbitary grouping of rules that would be OK
> by netfilter, may not be OK in the presence of LVS, you should
> be able to get most of what you want.
Ja, back to "what is a firewall" ;)
Thanks Joe,
Peter
|
