[Firehol-support] Firehol 2xISP Failover Config - Please Help

[Daniel Pittman]

Andrei Veronika (aka MacGuru) <andreil1 at starlett.lv> writes:

> I have SuSE Linux server which acts as 2-interface router & firewall with
> firehol package for firewalling setup.
>
> Now we would like to add backup net line to another ISP via third net
> interface. so if connection to ISP#1 fail, all traffic will be automatically
> switched to ISP#2. Once ISP#1 becomes available again, firewall/router
> should be switched back.
>
> Anyone have any clue how to do it with firehol ?

Firehol is the wrong tool for this.  You should simply write your firewall
rules so that the appropriate restrictions are in place regardless of which
path packets are taking.

> Checking net connections probably have to be done via cron script and 1 min
> interval.

Simply adjust your default route in response to the check failing.

Personally I would have both default routes present and adjust the metric, but
you could also add and remove the routes appropriately.

Anyway, firehol (and any other firewall tool) are not the solution you need.

Regards,
        Daniel
-- 
✣ Daniel Pittman            ✉ daniel at rimspace.net            ☎ +61 401 155 707
               ♽ made with 100 percent post-consumer electrons