Date: 05 Aug 2002 18:38:01 -0500 From: Craig Boston <craig@meoqu.gank.org> To: Dan Langille <dan@langille.org> Cc: FreeBSD-stable@FreeBSD.ORG Subject: Re: making sure ipf doesn't lock you out during rule changes (was Re: remote upgrade stops ssh connections) Message-ID: <1028590686.881.13.camel@aldaris2.auir.gank.org> In-Reply-To: <3D4E299C.6846.11C676EE@localhost> References: <5.1.1.6.0.20020804190542.04edb8b0@marble.sentex.ca> <3D4E299C.6846.11C676EE@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2002-08-05 at 06:30, Dan Langille wrote: > On 5 Aug 2002 at 10:22, Dmitry Morozovsky wrote: > > echo reboot | at +1hour > > > > would be an protective weapon (like reload in 10 minutes for remote > > Cisco, you know ;-) > > That reminds me of this tip/trick I use when changing ipf rules: > > ipf -s -Fa -f /etc/ipf.rules && sleep 10 && ipf -s To anyone on the list who doesn't already know, make sure you do both of these in a screen session or something similar. I use similar tricks when changing routing/firewall settings, but sometimes (usually if ICMP unreachables start getting generated), the ssh connection gets closed before the timeout, and the shell dies when its controlling terminal goes away. Running the command in screen solves this of course :) Craig To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1028590686.881.13.camel>