Date: Thu, 24 May 2001 18:37:19 -0700
From: Doug Barton
Organization: Triborough Bridge & Tunnel Authority
To: Steve Price
Cc: questions@FreeBSD.ORG
Subject: Re: reloading firewall rules remotely

Steve Price wrote:
>
> Ok now I feel more stupid than I usually do. What is the proper
> method for reloading ipfw rules from a remote box? I thought
> running it in the background worked but evidently not. :(

While the advice you got on this old thread was mostly good, the most
obvious solution was not stated. Namely, make your default rule "accept"
by including that kernel option. Then you can reload rules all day long
and not have to worry, unless you need the ultra-paranoid protection that
having the default of "deny" gives you.

--
I need someone really bad. Are you really bad?
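
An added example, not part of Doug Barton's message or of ipfw itself: a toy Python model of first-match rule evaluation that replays a reload (a flush, then one add per rule) under each setting of the default rule 65535. The rule numbers, ports and probe names are constructed; on FreeBSD the default-accept behaviour comes from the `IPFIREWALL_DEFAULT_TO_ACCEPT` kernel option.

```python
# Toy model of ipfw first-match rule evaluation during a reload.
# Constructed for illustration: rules and probes are sample values, not real ipfw output.

NEW_RULES = [  # (number, action, proto, dst_port); dst_port None = any port
    (100, "allow", "tcp", 22),     # the admin's SSH session
    (200, "allow", "tcp", 80),
    (65000, "deny", "all", None),  # explicit catch-all, needed once the default is accept
]
PROBES = {"ssh": ("tcp", 22), "telnet": ("tcp", 23)}


def verdict(rules, default_action, packet):
    """First matching rule wins; the fixed default rule (65535) decides otherwise."""
    proto, port = packet
    for _num, action, r_proto, r_port in sorted(rules):
        if r_proto in ("all", proto) and r_port in (None, port):
            return action
    return default_action


def reload_trace(new_rules, default_action, probes=PROBES):
    """Replay a flush followed by one add per rule, recording each probe's verdict per step."""
    active = []
    steps = [("flush", list(active))]
    for rule in new_rules:
        active.append(rule)
        steps.append((f"add {rule[0]}", list(active)))
    return [
        (label, {name: verdict(rules, default_action, pkt) for name, pkt in probes.items()})
        for label, rules in steps
    ]


def steps_where(trace, probe, action):
    """Labels of the reload steps at which `probe` received `action`."""
    return [label for label, verdicts in trace if verdicts[probe] == action]


if __name__ == "__main__":
    for default in ("deny", "allow"):
        trace = reload_trace(NEW_RULES, default)
        print(f"default rule 65535 = {default}")
        print("  ssh denied at:    ", steps_where(trace, "ssh", "deny"))
        print("  telnet allowed at:", steps_where(trace, "telnet", "allow"))
```

With a default of deny the SSH probe is dropped at the flush step, which is the lockout the thread is about; with a default of allow the session survives, but every probe is accepted until the explicit catch-all deny is back in place.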