From: Steve Bertrand
Date: Wed, 04 Dec 2002 12:22:11 -0500
To: freebsd-ipfw
Subject: Re: Auto-recover
Message-ID: <3DEE39C3.5040704@northnetworks.ca>
References: <3DEE16D7.1020706@northnetworks.ca>

Thanks for the suggestions, but neither worked. The bash command failed with a syntax error, and it appears that the unit sleeps for 10 seconds, then edits the script. The same problem occurred.

The fw program did not install correctly on my box; besides, it is not exactly what I need at this point. I will take a look at it though and will likely use some of the code for my own purposes.

All I want to do is execute the ipfw script from a remote location and have it revert back if I can't get in. I think what I will do is write a Perl script that will run the new script, watch for new ssh connections with my username, and revert to the old rules if no connection has been established within a set time.
Now that I think about it, perhaps scrambling up the commands in Nicolaev's reply may help me on my way.

Steve

Steve Bertrand wrote:

> No matter what I do, the auto-recover script (change_rules.sh) will
> not process my new rules properly when connected via ssh. I suspect
> that this is due to the flush at the top of my rules script. After
> modification of my firewall script, I have to log back into the box
> and the old rules are re-loaded.
> Is there something special that I have to add or remove from my
> ruleset to make this process work properly?
>
> Tks,
> Steve
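
The plan described in this message (load the new rules, watch for a fresh ssh login by one user, revert after a timeout) as an added example in sh rather than Perl; it is not part of the original post and is not change_rules.sh. The rule file paths, the user name, the timings and the use of who(1) to detect logins are assumptions.

```sh
#!/bin/sh
# Added example (not from the original post). Assumed names: the rule file
# paths, WATCH_USER, the timings, and who(1) as the source of login sessions.
NEW_RULES=${NEW_RULES:-/etc/ipfw.rules.new}  # hypothetical: ruleset under test
OLD_RULES=${OLD_RULES:-/etc/ipfw.rules}      # hypothetical: known-good ruleset
WATCH_USER=${WATCH_USER:-steve}              # login that proves access survived
TIMEOUT=${TIMEOUT:-120}                      # seconds to wait before reverting
POLL=${POLL:-5}                              # seconds between checks
LOAD_CMD=${LOAD_CMD:-/bin/sh}                # each rules file is a sh script
WHO_CMD=${WHO_CMD:-who}

# One line per current login session of user $1 (tty and login time included).
sessions() { $WHO_CMD | awk -v u="$1" '$1 == u' | sort; }

# True when WATCH_USER has a session that is absent from baseline file $1.
# The session that started the change is in the baseline, so a stale entry
# for a connection the new rules have cut off does not count as proof.
new_login() { sessions "$WATCH_USER" | grep -Fxv -f "$1" | grep -q .; }

# Returns 0 if the new rules were kept, 1 if the old ones were restored.
apply_with_rollback() {
    base=$(mktemp) || return 2
    sessions "$WATCH_USER" > "$base"
    # Output is discarded: if the flush drops the ssh session there is no
    # terminal left to write to, and the loader must still run to the end.
    $LOAD_CMD "$NEW_RULES" > /dev/null 2>&1
    waited=0
    while [ "$waited" -lt "$TIMEOUT" ]; do
        if new_login "$base"; then
            rm -f "$base"
            return 0
        fi
        sleep "$POLL"
        waited=$((waited + POLL))
    done
    $LOAD_CMD "$OLD_RULES" > /dev/null 2>&1
    rm -f "$base"
    return 1
}

# Start detached so a dropped session cannot hang the script up, e.g.:
#   nohup sh apply_rules.sh run > /dev/null 2>&1 &
if [ "${1:-}" = run ]; then
    apply_with_rollback
fi
```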