From owner-freebsd-questions@FreeBSD.ORG  Sun Mar  6 19:13:25 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DBF6916A4CE
	for <freebsd-questions@freebsd.org>;
	Sun,  6 Mar 2005 19:13:25 +0000 (GMT)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E106B43D1D
	for <freebsd-questions@freebsd.org>;
	Sun,  6 Mar 2005 19:13:24 +0000 (GMT)
	(envelope-from freebsd-questions@m.gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1D816G-00042P-RQ
	for freebsd-questions@freebsd.org; Sun, 06 Mar 2005 20:07:36 +0100
Received: from jrpenn.demon.co.uk ([194.222.241.254])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <freebsd-questions@freebsd.org>; Sun, 06 Mar 2005 20:07:36 +0100
Received: from jeff+list+news by jrpenn.demon.co.uk with local (Gmexim 0.1
	(Debian))        id 1AlnuQ-0007hv-00
	for <freebsd-questions@freebsd.org>; Sun, 06 Mar 2005 20:07:36 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-questions@freebsd.org
From: Jeff Penn <jeff+list+news@jrpenn.demon.co.uk>
Date: Sun, 6 Mar 2005 19:07:25 +0000 (UTC)
Lines: 21
Message-ID: <slrnd2b9jr.1oni.jeff+list+news@beastie.jrpenn.demon.co.uk>
References: <421A21F4.1050509@cwazy.co.uk>
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: jrpenn.demon.co.uk
User-Agent: slrn/0.9.8.1 (FreeBSD)
Sender: news <news@sea.gmane.org>
X-Gmane-MailScanner: Found to be clean
X-Gmane-MailScanner: Found to be clean
X-MailScanner-From: freebsd-questions@m.gmane.org
X-MailScanner-To: freebsd-questions@freebsd.org
Subject: Re: IPFW config
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Mar 2005 19:13:26 -0000

SigmaX <scottclansman@cwazy.co.uk>:
> I have a FreeBSD 5.3 server that I access over SSH.  I followed the 
> handbook guide to loading the ipfw kernel module to setup a firewall.  I 
> made the mistake the other day of loading the firewall, which defaults 
> to block all, and rebooting, so I couldn't get into the system again 
> (Had to drive in and fix it :-P).  Anyway, what I need to know is how to 

/usr/share/examples/ipfw/change_rules.sh:
# Change ipfw(8) rules with safety guarantees for remote operation
#
# Invoke this script to edit ${firewall_script}. It will call ${EDITOR},
# or vi(1) if the environment variable is not set, for you to edit
# ${firewall_script}, ask for confirmation, and then run
# ${firewall_script}. You can then examine the output of ipfw list and
# confirm whether you want the new version or not.
#
# If no answer is received in 30 seconds, the previous
# ${firewall_script} is run, restoring the old rules (this assumes ipfw
# flush is present in it).

Jeff