Date: Fri, 11 Aug 2006 14:57:32 +0100 From: "James Seward" <jamesoff@gmail.com> To: beno <zope@2012.vi> Cc: freebsd-pf@freebsd.org Subject: Re: "Reset" Script, Anyone? Message-ID: <720051dc0608110657m1109c80dke2186baee9c2d9@mail.gmail.com> In-Reply-To: <44DC8709.1050605@2012.vi> References: <44DC8709.1050605@2012.vi>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/11/06, beno <zope@2012.vi> wrote: > I am half a world away from my console. If I make a mistake entering my > PF rules, I could lock myself out. It would be nice if I had a script I > could activate by cron that automatically flushed out my rc.conf that > I'm experimenting with and loaded the original. That way, I could set > the cron, load my experimental rc.conf, reboot and see if I could still > connect to my box. If I couldn't, then all I'd have to do is wait a few > minutes and then I could try again. Surely I'm not the first person to > have thought of this. Anyone have a script that does this? I do this by having a screen session running, and a known-good pf.conf.safe: # pfctl -f pf.conf && sleep 60 && pfctl -f pf.conf.safe Then I detach my screen and try to login again, or test whatever I wanted to. If it's all good and I haven't locked myself out, I just have to get back into screen before 60 seconds pass and hit ^C. If I don't do that in time, it'll load my safe ruleset. /JMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?720051dc0608110657m1109c80dke2186baee9c2d9>