Remote firewall changes, Was: Newbie Question About System
Update
Jared Earle
jearle at gmail.com
Wed Apr 20 06:28:18 PDT 2005
On 4/20/05, Aristedes Maniatis <ari at ish.com.au> wrote:
> Yes, that would be me. But someone taught me a great trick...the "at"
> command. So, just before you blow away your access with changes to
> ipfw, do this:
>
> echo "ipfw add 1 pass all from any to any" at now +10 minutes
>
> Then if all goes OK, use atq to remove the queue item. If not, wait 10
> minutes...
I use a crontab that runs ~/deadman.sh every 10 minutes. Usually, it's
empty, but occasionally, I add flush rules, nat reset rules, etc.
You can also have a file in your ~/ that you 'touch' every so often,
like a real deadman's brake. Using stat, (usually in perl for me) you
can check that it's been touched in the past hour (or however long)
and deal with stuff accordingly.
--
Jared Earle :: http://www.23x.net
jearle at gmail.com :: There is no SPORK
More information about the freebsd-stable
mailing list