Re: IPFW: combining "divert natd" with "keep-state"
From: Matthew George (mdg_at_secureworks.net)
Date: 06/24/03
- Previous message: FreeBSD bugmaster: "Current problem reports assigned to you"
- In reply to: Michael Collette: "Re: IPFW: combining "divert natd" with "keep-state""
- Next in thread: Andrew McNaughton: "Re: IPFW: combining "divert natd" with "keep-state""
- Reply: Andrew McNaughton: "Re: IPFW: combining "divert natd" with "keep-state""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Jun 2003 18:47:04 -0400 (EDT) To: Michael Collette <metrol@metrol.net>
On Fri, 20 Jun 2003, Michael Collette wrote:
> BTW, is there a way to give certain IPs permissions to reloading IPFW's
> rules?
> There's some stuff I'd like to be able to admin remotely. Darn box
> won't let
> me reload rules, but it will let me reboot. I've done this quite a bit
> in
> the past to force new rules to load. I was rather hoping there was a
> more
> elegant solution to this.
>
> Later on,
>
if you have 'flush' at the top of your ruleset, you can (sometimes) get
away with an `ipfw -q`. I find screen windows (ports/misc/screen) to be
most effective, though ... even if the connection dies, the screen will
detach and continue processing the rules file.
-- Matthew George SecureWorks Technical Operations _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: FreeBSD bugmaster: "Current problem reports assigned to you"
- In reply to: Michael Collette: "Re: IPFW: combining "divert natd" with "keep-state""
- Next in thread: Andrew McNaughton: "Re: IPFW: combining "divert natd" with "keep-state""
- Reply: Andrew McNaughton: "Re: IPFW: combining "divert natd" with "keep-state""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
