Date: 04 Dec 2002 11:02:14 -0500 From: Dan Pelleg <daniel+bsd@pelleg.org> To: Steve Bertrand <iaccounts@northnetworks.ca> Cc: freebsd-ipfw@freebsd.org Subject: Re: Auto-recover Message-ID: <u2sel8x4vsp.fsf@gs166.sp.cs.cmu.edu> In-Reply-To: <3DEE16D7.1020706@northnetworks.ca> References: <3DEE16D7.1020706@northnetworks.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Steve Bertrand <iaccounts@northnetworks.ca> writes: > No matter what I do, the auto-recover script (change_rules.sh) will not > process my new rules properly when connected via ssh. I suspect that this > is due to the flush at the top of my rules script. After modification of my > firewall script, I have to log back into the box and the old rules are > re-loaded. Is there something special that I have to add or remove from my > ruleset to make this process work properly? > > You can try adding this to /etc/rc.conf: firewall_quiet="YES" Alternatively, try a scheme that doesn't require a flush. I've written something along these lines, and it lets you update just the part of the ruleset you want (say, www or mail rules). If you want to play with it, the announcement is here: http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=509128+512111+/usr/local/www/db/text/2002/freebsd-stable/20021124.freebsd-stable It installs just like a port and is rc.firewall compatible (up to the part where you plug in your own rules and hosts). -- Dan Pelleg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?u2sel8x4vsp.fsf>