Things to remove from /rescue
David O'Brien
obrien at FreeBSD.org
Tue Jul 22 08:11:47 PDT 2003
On Tue, Jul 22, 2003 at 11:10:22AM +0200, Dag-Erling Sm?rgrav wrote:
> "David O'Brien" <obrien at FreeBSD.org> writes:
> > If I did need to get to the Internet to get bits, what does ipfw do
> > for me that "sysctl net.inet.ip.fw.enable=0" doesn't?
>
> ipfw -q flush
> ipfw add pass ip from any to any via lo0
> ipfw add check-state
> ipfw add pass udp from me to any domain,ntp out keep-state
You need to run NTP to rescue your FUBAR'ed /lib???
If you're this worried about someone breaking into you when you've got
*zero* services running, use a 2nd machine to get those magical bits from
the Internet that will fix your FUBAR'ed /lib.
--
-- David (obrien at FreeBSD.org)
More information about the freebsd-arch
mailing list