Having some difficulty with scripting this properly
I'm about to implement a failover script that uses netwatch and tests for reachability of a public IP address. If a route is unreachable, it'll purge the firewall connection table.
The problem is this is not selective; it will purge the entire connection table. Ergo, if, say, a backup 4G route is running this script and is a bit unreliable, it's going to keep killing VoIP sessions and all other traffic on the primary as well.
I can't find an easy, reliable method to match firewall connections for a specific interface, since it doesn't record the interface - only IP addresses.
I can't statically write the IP addresses into the script because they can change over time. And this is a dynamic script I need to deploy to hundreds of routers.
Any help?