Date: Wed, 16 Feb 2005 16:25:30 +0100 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Denis Peplin <den@FreeBSD.org> Cc: freebsd-doc@FreeBSD.org Subject: Re: [PATCH] handbook/firewalls: rewrite warning Message-ID: <20050216152529.GA24104@eddie.nitro.dk> In-Reply-To: <42136211.9080908@FreeBSD.org> References: <42136211.9080908@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.02.16 18:09:05 +0300, Denis Peplin wrote: > <warning> > - <para>When working with the firewall rules, always, > - always do it on the console of the system running the > - firewall or you can end up locking your self out. > - Alternatively, you may setup a cronjob to flush the > - firewall rules say every five minutes. > - This may not be acceptable for a corporate firewall, > - but should be ok for a home firewall.</para> > + <para>When working with the firewall rules, be > + <emphasis>very careful</emphasis>. Some configurations > + <emphasis>will lock yourself out</emphasis> of the server. > + To be on the safe side, you may wish to consider performing > + the initial firewall configuration from the local console > + rather than via <application>ssh</application>.</para> I would suggest something like: + rather than doing it remotely e.g. via <application>ssh</application>.= </para> Just to be a bit more general. Other than that it looks good to me. --=20 Simon L. Nielsen --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCE2Xph9pcDSc1mlERApgUAJ9HhUJBkeP1NkQ6UVA9bIUr8Wa5zwCeO54w xmb8DOX922Qspq/y/SI6jRs= =UusJ -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050216152529.GA24104>