Date: Fri, 29 Apr 2005 08:17:48 -0400
From: "Michael Scheidell" <scheidell@secnap.net>
To: "Neo-Vortex" <root@Neo-Vortex.net>, "Siddhartha Jain" <sid@netmagicsolutions.com>
Cc: freebsd-security@freebsd.org
Subject: RE: IPFW disconnections and resets
Message-ID: <B3BCAF4246A8A84983A80DAB50FE72423D1D3A@secnap2.secnap.com>

> I use that all the time, maybe 1 out of 100 times it will kill
> a ssh session (only one that has irssi open cause of the time
> updating it kills it, I have it set to update every second
> though, so normally it'd be like 1 out of 500 or so) and even
> if it does, it still finishes loading the ruleset anyway so
> you can just ssh straight back in

I used

    sysctl -a net.inet.ip.fw.enable=0 && firewall.sh && sysctl net.inet.ip.fw.enable=1 && sleep 60 && reboot

and I would hit a ^C to stop the sleep and reboot if I didn't whack the firewall rules.
The reboot would put it back to rc.conf firewall.

Never got disconnected. Only window of vulnerability was while loading new firewall rules.

Yours is safer.
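
The timed-rollback idea from the message above, as an added example that is not part of the original e-mail: a POSIX sh function that loads the new ruleset, waits for a confirmation file touched from a fresh ssh session, and otherwise restores the boot-time rules without a reboot. The function name, variables, file paths and the use of `/etc/rc.d/ipfw restart` as the rollback are assumptions.

```shell
#!/bin/sh
# Added example: dead-man's-switch reload for an ipfw ruleset.
# All names and default paths below are hypothetical / assumed.

LOAD_CMD=${LOAD_CMD:-"sh /root/firewall.sh"}            # assumed new-ruleset script
ROLLBACK_CMD=${ROLLBACK_CMD:-"/etc/rc.d/ipfw restart"}  # assumed: reloads the rc.conf firewall
CONFIRM_FILE=${CONFIRM_FILE:-/var/run/fw-reload.ok}     # touched by the admin from a NEW session
TIMEOUT=${TIMEOUT:-60}                                  # seconds to wait, as in the message

# safe_reload: returns 0 if the new rules were confirmed, 1 if rolled back.
safe_reload() {
    rm -f "$CONFIRM_FILE"
    # Unlike the one-liner, net.inet.ip.fw.enable is never set to 0 here,
    # so the packet filter is not switched off during the load.
    if ! $LOAD_CMD; then
        echo "ruleset load failed, rolling back" >&2
        $ROLLBACK_CMD
        return 1
    fi
    waited=0
    while [ "$waited" -lt "$TIMEOUT" ]; do
        # A fresh login that can create this file proves the new rules
        # still allow management access.
        if [ -e "$CONFIRM_FILE" ]; then
            rm -f "$CONFIRM_FILE"
            echo "new ruleset confirmed after ${waited}s"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done
    # Nobody confirmed in time: assume the admin is locked out.
    echo "no confirmation within ${TIMEOUT}s, rolling back" >&2
    $ROLLBACK_CMD
    return 1
}

# Usage (from a script started under nohup or tmux, so a dropped ssh
# session does not kill the timer):
#   safe_reload
# then, from a second ssh login:
#   touch /var/run/fw-reload.ok
```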