Command to "dump" firewall rules to be persistent across reboots.

Dan Mahoney, System Admin danm at
Wed Nov 29 11:37:23 PST 2006

Hey all, I'm experimenting with ipfw as means of controlling some 
interesting anomalies like with portsenty or some ssh anti-brute-force 
scripts (i.e. adding bad hosts to tables, adding deny rules 
for certain hosts, etc), and I was wondering if there was (either in the 
form of a script, or a builtin command I can't find) some way to just 
"dump" all the ipfw data (pipes, queues, tables, etc) to a single file to 
be re-read on boot?

I'd be willing to try and write something like this if it doesn't already 
exist, but I'm rather surprised it doesn't.

-Dan Mahoney


"A single death is a tragedy.  A million deaths is a statistic."

-Josef Stalin, As quoted on the cover to Savatage's "Dead Winter Dead"

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM

More information about the freebsd-questions mailing list