Date:      Thu, 22 May 2003 12:30:59 +0300
From:      Giorgos Keramidas <keramida@ceid.upatras.gr>
To:        Carolyn Longfoot <c_longfoot@hotmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Update Firewall Rules
Message-ID:  <20030522093058.GA24261@igloo.linux.gr>
In-Reply-To: <Sea1-F44bF503zJLTz7000278e4@hotmail.com>
References:  <Sea1-F44bF503zJLTz7000278e4@hotmail.com>

On 2003-05-22 04:16, Carolyn Longfoot <c_longfoot@hotmail.com> wrote:
> How do I switch the firewall rules on a system without rebooting?
> I tried executing /etc/rc.firewall OPEN for example but the same
> rule set is put in place again that is defined in /etc/rc.conf.

There's always the "manual" way:

	ipfw add 1 pass ip from any to any
	ipfw add 2 pass ip from any to any

Then you load all your "new" rules after rule 1, and after you're done
delete rule number 1:

	ipfw del 1

Doing this on a remote machine that you cannot possibly access if
something goes wrong (i.e. a colocation server) is probably not a good
idea though.  In cases like these, I usually follow this procedure
when tinkering with firewall rules to avoid locking myself out of a
machine I can't log in to afterwards:

	a) Schedule a reboot in 15 minutes or so.

	b) Load new firewall rules.

	c) Test rules.

	d) Unschedule the reboot if all goes well.

HTH, Giorgos.
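
Giorgos' four-step recipe above (schedule a reboot, load the new rules, test, cancel the reboot), written out as a shell function. This is an added example, not part of the original mail: instead of hard-coding a reboot it arms a background timer that runs whatever revert command the caller passes in, so the same pattern works with `shutdown -r now` on a real FreeBSD box or with a command that reloads the known-good ipfw rules. The function name `deadman`, the example rule-script paths, and the temp-file stand-in for firewall state used in the usage note are all assumptions for illustration.

```sh
#!/bin/sh
# Dead-man's switch around a firewall rule change (added example, not from
# the original mail). The "reboot" is any revert command passed in by the
# caller, armed on a background timer: if the new rules lock you out, or the
# apply step hangs or fails, the revert fires anyway; if you can still reach
# the box, you cancel it. All names below are illustrative.

# deadman TIMEOUT_SECONDS REVERT_CMD APPLY_CMD CHECK_CMD
#   Arms REVERT_CMD to run after TIMEOUT_SECONDS, runs APPLY_CMD, then
#   CHECK_CMD, and cancels the revert only if both succeed.
#   Returns 0 when the change was kept, 1 when the revert was left armed.
deadman() {
    timeout=$1 revert=$2 apply=$3 check=$4

    # Arm the timer in a subshell. Killing that subshell before its sleep
    # finishes is what "cancels the reboot": the revert never runs.
    ( sleep "$timeout"; sh -c "$revert" ) &
    timer_pid=$!

    # Load the new rules. On failure the timer is deliberately left armed:
    # a half-applied rule set is exactly the case the revert exists for.
    if ! sh -c "$apply"; then
        echo "apply failed; revert fires in ${timeout}s" >&2
        return 1
    fi

    # Test. For a remote box the honest test is "can I still talk to it",
    # e.g. CHECK_CMD='read -r ans && [ "$ans" = y ]' answered from the same
    # ssh session, or a second ssh login from outside.
    if sh -c "$check"; then
        kill "$timer_pid" 2>/dev/null
        wait "$timer_pid" 2>/dev/null || true
        echo "new rules kept; revert cancelled" >&2
        return 0
    fi
    echo "check failed; revert fires in ${timeout}s" >&2
    return 1
}

# On a FreeBSD box, the reboot variant from the mail would be (paths assumed):
#   deadman 900 'shutdown -r now' 'sh /root/new-ipfw-rules.sh' \
#           'read -r ans && [ "$ans" = y ]'
# A gentler revert reloads the known-good rules instead of rebooting:
#   deadman 900 'ipfw -q -f flush && sh /root/old-ipfw-rules.sh' \
#           'sh /root/new-ipfw-rules.sh' 'read -r ans && [ "$ans" = y ]'
```

To try the logic without touching a real firewall, substitute a temp file for the rule set: `deadman 5 "echo old > $f" "echo new > $f" "grep -q new $f"` keeps `new` in the file and cancels the timer, while the same call with `false` as the check leaves the timer armed and the file is back to `old` five seconds later.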
