Date: Wed, 24 Jan 2007 16:18:12 -0500 (EST) From: "Dan Mahoney, System Admin" <danm@prime.gushi.org> To: applecom@inbox.ru Cc: questions@freebsd.org Subject: Re: Problem with "ipfw flush" Message-ID: <20070124161732.N55095@prime.gushi.org> In-Reply-To: <op.tmofw2nzhbloih@xml.opera.com> References: <20070124152310.E82156@prime.gushi.org> <op.tmofw2nzhbloih@xml.opera.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 Jan 2007, applecom@inbox.ru wrote:
>> In trying to tweak my firewall setup I'm using a file called
>> /etc/ipfw.rules
>>
>> However, it seems even though I copy my rules perfectly to that file, the
>> system freezes up and locks me out when I do:
>>
>> ipfw -f flush; ipfw /etc/ipfw.rules
>>
>> I've also tried doing it as
>>
>> ipfw -f flush && ipfw /etc/ipfw.rules
>>
>> But to no avail.
>
> Firewall script is a common shell script. You don't need to run 'ipfw
> <script>'.
> Flushing the rules is usually done by script itself.
> For example:
> #!/bin/sh
> ipfw="/sbin/ipfw"
> ${ipfw} -f flush
> ${ipfw} <rule>
> ${ipfw} <rule>
> ${ipfw} <rule>
> ...
> This file should be executable (chmod +x). You can also put any non-ipfw
> additional commands in this file if you want.
> Try to make such script, execute it and write again about the results.
Well, I'm trying to be compliant with /etc/rc.firewall's expectations for
a rules file, which IS called with ipfw "rules.file"
-Dan
--
<Gushi> And hello kitty does not have a mouth.
<bizzy> . o O ( oh yes she does )
EfNet #macintosh, 2/21/01, some ridiculous hour of the morning
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070124161732.N55095>