From owner-freebsd-questions@FreeBSD.ORG Mon Mar 29 23:45:43 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EDB4116A4CE for ; Mon, 29 Mar 2004 23:45:43 -0800 (PST) Received: from smtp.mailbox.co.uk (smtp.mailbox.co.uk [195.82.125.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 66FF243D39 for ; Mon, 29 Mar 2004 23:45:43 -0800 (PST) (envelope-from waynep@smtp.penguinpowered.org) Received: from core.penguinpowered.org ([212.18.250.170] helo=smtp.penguinpowered.org) by smtp.mailbox.co.uk with esmtp (Exim 4.30) id 1B8DwL-0006Sr-Vf for freebsd-questions@freebsd.org; Tue, 30 Mar 2004 08:45:42 +0100 Received: from waynep by smtp.penguinpowered.org with local (Exim 4.30; FreeBSD) id 1B8Dw1-0008F6-3P for freebsd-questions@freebsd.org; Tue, 30 Mar 2004 08:45:21 +0100 Date: Tue, 30 Mar 2004 08:45:21 +0100 From: Wayne Pascoe To: freebsd-questions@freebsd.org Message-ID: <20040330074521.GA26996@marvin.penguinpowered.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-System: FreeBSD i386 with kernel 5.2.1-RELEASE-p3 Sender: Wayne Pascoe Subject: ipfw state tables X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Mar 2004 07:45:44 -0000 Hi all, We're using ipfw as a firewall solution on our network. We are using stateful rules. The problem I have though, is that when we reload our ipfw ruleset, all existing connections to or through the particular machine are lost. This means a lot of hung ssh sessions. Is there any way to save the state tables before firewall restart and then reload them once the new rules are in place ? Regards, -- Wayne Pascoe 'tis far easier to get forgiveness than it is to get permission - probably someone famous, but more often, my Dad.