Update Firewall Rules
Giorgos Keramidas
keramida at ceid.upatras.gr
Thu May 22 02:31:05 PDT 2003
On 2003-05-22 04:16, Carolyn Longfoot <c_longfoot at hotmail.com> wrote:
> How do I switch the firewall rules on a system without rebooting?
> I tried executing /etc/rc.firewall OPEN for example but the same
> rule set is put in place again that is defined in /etc/rc.conf.
There's always the "manual" way:

    ipfw add 1 pass ip from any to any
    ipfw add 2 pass ip from any to any

Then you load all your "new" rules after rule 1, and after you're done
delete rule number 1:

    ipfw del 1

Doing things on a remote machine that you cannot possibly access if
something goes wrong (i.e. a collocation server) is probably not a good
idea though. In cases like these, I usually follow the following
procedure when tinkering with firewall rules to avoid locking myself
out of a machine I can't log in to afterwards:
a) Schedule a reboot in 15 minutes or so.
b) Load new firewall rules.
c) Test rules.
d) Unschedule the reboot if all goes well.
HTH, Giorgos.
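
Added example, not part of the original post: steps a) to d) above as an sh script for FreeBSD, with the reboot cancelled only after the operator proves a new login still works. The marker file path, the variable names and the use of pkill to cancel the pending shutdown are assumptions; the boot-time rule set is assumed to still be the known-good one, so the reboot restores access.

```shell
#!/bin/sh
# Added example (not from the original post). Commands are held in
# variables so a dry run can substitute stubs; defaults are the real tools.
: "${SHUTDOWN:=shutdown}" "${IPFW:=ipfw}" "${PKILL:=pkill}"
GRACE_MIN=${GRACE_MIN:-15}            # a) reboot delay in minutes
CONFIRM=${CONFIRM:-/var/run/fw-ok}    # hypothetical marker, root-writable dir
WAIT_SECS=${WAIT_SECS:-600}           # keep this below the reboot delay
POLL_SECS=${POLL_SECS:-5}

# c) The test: the operator logs in over a NEW connection and creates
# $CONFIRM. Returns 0 if the marker appears in time, 1 otherwise.
wait_for_confirm() {
    waited=0
    while [ "$waited" -lt "$WAIT_SECS" ]; do
        [ -e "$CONFIRM" ] && return 0
        sleep "$POLL_SECS"
        waited=$((waited + POLL_SECS))
    done
    return 1
}

# usage: safe_reload /absolute/path/to/rules
# The rules file holds one ipfw command per line ("add 100 allow ..."),
# numbered above 1 so the temporary rule 1 is matched first.
safe_reload() {
    rules=$1
    [ -r "$rules" ] || { echo "cannot read $rules" >&2; return 2; }
    rm -f "$CONFIRM"
    # a) schedule the reboot first; do not touch the rules if that fails
    $SHUTDOWN -r "+$GRACE_MIN" "firewall change safety net" || return 2
    # b) temporary pass-all rule, then the new rules, then drop rule 1
    $IPFW -q add 1 pass ip from any to any &&
    $IPFW -q "$rules" &&
    $IPFW -q delete 1 ||
        { echo "load failed; reboot stays scheduled" >&2; return 1; }
    # c) + d) unschedule the reboot only after a confirmed new login
    if wait_for_confirm; then
        $PKILL -x shutdown
        rm -f "$CONFIRM"
        return 0
    fi
    echo "no confirmation; reboot stays scheduled" >&2
    return 1
}
```

Run safe_reload as root with the path to the new rules, then open a second SSH session and touch the marker file to cancel the reboot.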