Date: Wed, 20 Apr 2005 15:28:17 +0200 From: Jared Earle <jearle@gmail.com> To: freebsd-stable@freebsd.org Subject: Re: Remote firewall changes, Was: Newbie Question About System Update Message-ID: <5bbc0cd605042006285bdab516@mail.gmail.com> In-Reply-To: <52607941c4729226852cde5d42f7085e@ish.com.au> References: <426447F8.5090209@charter.net> <200504191317.j3JDH76H001458@drjekyll.mkbuelow.net> <20050419120053.6ad17df1.wmoran@potentialtech.com> <42655B8E.5020603@mac.com> <42655DD9.7020300@t-hosting.hu> <20050419200510.GA38661@uws1.starlofashions.com> <52607941c4729226852cde5d42f7085e@ish.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/20/05, Aristedes Maniatis <ari@ish.com.au> wrote: > Yes, that would be me. But someone taught me a great trick...the "at" > command. So, just before you blow away your access with changes to > ipfw, do this: >=20 > echo "ipfw add 1 pass all from any to any" at now +10 minutes >=20 > Then if all goes OK, use atq to remove the queue item. If not, wait 10 > minutes... I use a crontab that runs ~/deadman.sh every 10 minutes. Usually, it's empty, but occasionally, I add flush rules, nat reset rules, etc. You can also have a file in your ~/ that you 'touch' every so often, like a real deadman's brake. Using stat, (usually in perl for me) you can check that it's been touched in the past hour (or however long) and deal with stuff accordingly. --=20 Jared Earle :: http://www.23x.net =20 jearle@gmail.com :: There is no SPORK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5bbc0cd605042006285bdab516>