Date: Wed, 22 Dec 2010 10:08:01 -0500
From: "Alexander Verbod" <UMLLMTHW8EWBC7QMJE.3FZA88RFFWF@gmx.com>
To: bug-followup@FreeBSD.org
Cc: freebsd-ipfw@freebsd.org, Chris St Denis <chris@smartt.com>
Subject: Re: bin/153252: [ipfw][patch] ipfw lockdown system in subsequent call of "/etc/rc.d/ipfw start"
Message-ID: <20101222151709.20070@gmx.com>
Chris St Denis <chris@smartt.com> wrote:
> If I understand this problem correctly, the lockdown is caused by the
> ssh session getting killed off between the "${fwcmd} -f flush" and the
> subsequent add rules in rc.firewall (or other user-defined custom script).
You are right, "${fwcmd} -f flush" will break the connection to the remote machine and
the startup script stops its execution, so no firewall rules are applied and only
the default 65536 deny rule is in charge.
>
> If this is the case, couldn't the issue be resolved with a simple patch
> along the lines of this?
>
> + /usr/bin/nohup /bin/sh "${firewall_script}"
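Review bot: the added line calls nohup by the absolute path /usr/bin/nohup without checking that the binary is reachable when the script runs, and nothing on the line handles a failed launch, so a flush could still be followed by no rules being loaded. Consider guarding it with a test such as [ -x /usr/bin/nohup ] and falling back to plain /bin/sh "${firewall_script}", or using a mechanism that lives under /bin.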
/usr could be unavailable at startup time, so IMHO it will be better
to use /bin/sh -T .... as I already showed in the previous post.
