Date: Mon, 5 Aug 2002 19:47:29 -0400 From: "Dan Langille" <dan@langille.org> To: Craig Boston <craig@meoqu.gank.org>, FreeBSD-stable@FreeBSD.ORG Subject: Re: making sure ipf doesn't lock you out during rule changes (was Re: remote upgrade stops ssh connections) Message-ID: <3D4ED651.26507.146917CA@localhost> In-Reply-To: <1028590686.881.13.camel@aldaris2.auir.gank.org> References: <3D4E299C.6846.11C676EE@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5 Aug 2002 at 18:38, Craig Boston wrote: > On Mon, 2002-08-05 at 06:30, Dan Langille wrote: > > On 5 Aug 2002 at 10:22, Dmitry Morozovsky wrote: > > > echo reboot | at +1hour > > > > > > would be an protective weapon (like reload in 10 minutes for > > > remote Cisco, you know ;-) > > > > That reminds me of this tip/trick I use when changing ipf rules: > > > > ipf -s -Fa -f /etc/ipf.rules && sleep 10 && ipf -s > > To anyone on the list who doesn't already know, make sure you do both > of these in a screen session or something similar. I use similar > tricks when changing routing/firewall settings, but sometimes (usually > if ICMP unreachables start getting generated), the ssh connection gets > closed before the timeout, and the shell dies when its controlling > terminal goes away. > > Running the command in screen solves this of course :) Good point. Thank you -- Dan Langille I'm looking for a computer job: http://www.freebsddiary.org/dan_langille.php To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D4ED651.26507.146917CA>