This page has moved. Please go here
Lundman's Unix Projects


NetBSD Rules!
L4ip
 
About .  Features .  Source .  Changelog .  Screenshots .  Example config . 
  About
L4 Health Check Daemon for IP Filter.

  Features
  • Define as many clusters, with as many members as you need.
  • Automatically adds and removes "ipnat" rules as needed.
  • Flexible health check support, tcp-open, tcp-close, udp-open, udp-close, system.
  • Simple scripting available for health checks in send/expect syntax with fnmatch pattern comparison
  • Binary protocol supported in url-encoding style syntax (eg %0D)
  • system() like execution of external commands available. (spawn your own health-check testers)
  • Reload and restart leaving last-known-state available for less service impact.
  • SSL supported for TCP testers.
  • Optional IPF rules to sense RST return-packets for faster failure detection.
Please note, it will probably only work with recent versions of "IPFilter", such like V4.1 and above. It also requires to be compiled against IPFilter's header files (ip_fil.h, ip_nat.h, etc) but these are often not included with the Operating System.

News: Just added support to execute the "ipnat" command for better support and portability. This is not as efficient as using ioctl()s but much easier to compile. It should work with nearly all versions of IP Filter without any modifications to the OS.

  Source
Available in CVS under "l4ip"
Earlier (latest stable) tarball is available here:
l4ip-v1.0.b294.tgz
l4ip-v1.0.b269.tgz
l4ip-v1.0.b248.tgz

  Changelog
l4ip_commitlog.txt

  Screenshots
Not much use for screenshots in daemons!
screen shot 1

  Example config