"Reset" Script, Anyone?

James Seward jamesoff at gmail.com
Fri Aug 11 13:57:42 UTC 2006


On 8/11/06, beno <zope at 2012.vi> wrote:
> I am half a world away from my console. If I make a mistake entering my
> PF rules, I could lock myself out. It would be nice if I had a script I
> could activate by cron that automatically flushed out my rc.conf that
> I'm experimenting with and loaded the original. That way, I could set
> the cron, load my experimental rc.conf, reboot and see if I could still
> connect to my box. If I couldn't, then all I'd have to do is wait a few
> minutes and then I could try again. Surely I'm not the first person to
> have thought of this. Anyone have a script that does this?

I do this by having a screen session running, and a known-good pf.conf.safe:

# pfctl -f pf.conf && sleep 60 && pfctl -f pf.conf.safe

Then I detach my screen and try to log in again, or test whatever I
wanted to. If it's all good and I haven't locked myself out, I just
have to get back into screen before 60 seconds pass and hit ^C. If I
don't do that in time, it'll load my safe ruleset.

/JMS
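
The same timed-rollback idea as a reusable script, added here as an example and not part of the original post: it syntax-checks both rulesets with `pfctl -n` before loading anything, and keeps the new rules only if a confirmation file appears before the timeout. The function name, the `PFCTL` override and the confirmation-file path are assumptions made for this example.

```shell
#!/bin/sh
# Added example: timed rollback for pf rule changes (not from the original post).
# PFCTL is overridable so the logic can be exercised without a live firewall.
PFCTL=${PFCTL:-pfctl}

# pf_try_rules NEW SAFE [TIMEOUT] [CONFIRM_FILE]
# returns 0 = new rules kept, 1 = rolled back to SAFE, 2 = nothing was loaded
pf_try_rules() {
    new=$1; safe=$2; timeout=${3:-60}; confirm=${4:-/var/run/pf.confirm}

    # A fallback that does not parse is no fallback; -n parses without loading.
    "$PFCTL" -n -f "$safe" || { echo "safe ruleset does not parse" >&2; return 2; }
    "$PFCTL" -n -f "$new"  || { echo "new ruleset does not parse" >&2; return 2; }

    rm -f "$confirm"
    "$PFCTL" -f "$new" || { "$PFCTL" -f "$safe"; return 1; }

    # Confirm from a fresh login (not the session that started this):
    #   touch /var/run/pf.confirm
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        if [ -e "$confirm" ]; then
            rm -f "$confirm"
            echo "confirmed, keeping $new"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done

    echo "no confirmation after ${timeout}s, reloading $safe" >&2
    "$PFCTL" -f "$safe"
    return 1
}

# Run only when given arguments, inside screen or under nohup so that
# losing the SSH session does not kill the timer:
#   sh pf-try.sh pf.conf pf.conf.safe 60
if [ "$#" -ge 2 ]; then
    pf_try_rules "$@"
fi
```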

