Date: Tue, 24 Sep 2002 16:17:22 -0400 From: dfolkins <dfolkins@comcast.net> To: Kirk Strauser <kirk@strauser.com>, freebsd-questions@freebsd.org Subject: Re: Can IPFW keep state after a flush? Message-ID: <001301c26407$63eb2a20$0a00a8c0@groovy3xp> References: <87n0q7l4ns.fsf@pooh.int>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Kirk Strauser" <kirk@strauser.com> To: <freebsd-questions@freebsd.org> Sent: Tuesday, September 24, 2002 12:43 PM Subject: Can IPFW keep state after a flush? > From what I can tell, ipfw's 'flush' command clears the ruleset *and* the > current list of dynamic (keep-state) rules. Is there any way to ask ipfw to > flush only the ruleset, but to leave the dynamic rules intact? Ideally, > ipfw could be made to compare the curreny dynamic rules against any new > rules that were added, which would allow a sysadmin to implement a new > ruleset on an already-running system without disturbing any current valid > connections. Is such a thing possible, or am I dreaming? only solution i can think of is to add new rules from commandline, in addition to adding them to the ruleset. -- dfolkins To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001301c26407$63eb2a20$0a00a8c0>