ipfw verbosity
Chris
chrcoluk at gmail.com
Sat Mar 12 09:02:35 PST 2005
I noticed when using check-state, the ssh session will die because the
dynamic rules are flushed on the firewall reload. I can of course
connect again right away. When using allow from established this
problem doesnt occur and my ssh stays alive. What I would like is a
way to flush only static rules and leave dynamic rules alone, this
would enable me to use check-state again.
Chris
On Sat, 12 Mar 2005 16:16:08 +0100, Andrea Venturoli
<ml.diespammer at netfence.it> wrote:
> Hello.
>
> I noticed that when I issue "sh /etc/rc.firewall" to reload firewall
> rules from a remote console, I get disconnected (as I would expect) and
> locked out!
>
> The problems seems to be that "ipfw -f" prints: "command is /usr/local/...".
>
> This is in /usr/src/sbin/ipfw/ipfw2.c:
>
> fprintf(stderr, "command is %s\n", av[0]);
>
> This line does not onor the "-q" flag which, if I understand correctly,
> was exactly meant to allow this kind of operations without console access.
>
> Naturally, I can comment this line in my sources, but I was asking
> myself if this should be regarded as something to fix.
>
> bye & Thanks
> av.
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
More information about the freebsd-net
mailing list