Can I reset all existing network connections with ipfw ?

John Case case at SDF.ORG
Fri May 30 00:32:30 UTC 2014


Let's say I have a rule like this somewhere near the front of my ipfw 
ruleset:

ipfw add 10 allow tcp from any to any established

... fairly standard ... get established connections through ipfw quickly 
without sending them through the entire ruleset, which, presumably, 
they've already passed through.

Ok, but what if I boot without a ruleset, OR I flush the rules and then 
re-apply them ... then there could be established tcp connections, that 
will be passed by this rule, that might be disallowed by the ruleset ... 
but they are allowed to continue because they were established before I 
applied the ruleset.

In this case, is there an ipfw command that I can run that resets, or 
kills off, all established connections, and forces them to reconnect now 
that the rules are in place ?  I could probably 'ifconfig down' the 
interface, but that seems like too much brute force ... is there a nice 
way to do it ?

I was thinking of 'tcpdrop' but there doesn't seem to be a 'tcpdrop all' 
or equivalent command ...
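
An added example, not part of the original post: one way to force every connection that predates the ruleset to reconnect through it is to generate one tcpdrop(8) command per ESTABLISHED socket. It assumes the FreeBSD `netstat -an -p tcp` column layout and tcpdrop's four-argument form; the function names and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example: turn netstat output into tcpdrop(8) commands.
# Assumption: FreeBSD `netstat -an -p tcp` layout, where address and port
# are joined by a final dot (e.g. 192.0.2.10.22).

# gen_tcpdrop [keep_addr]
# Reads netstat output on stdin, prints one tcpdrop command per ESTABLISHED
# connection. keep_addr (optional) is a foreign address to leave alone, such
# as the admin's own SSH client, so the session running this survives.
gen_tcpdrop() {
    awk -v keep="${1:-}" '
        $1 ~ /^tcp/ && $NF == "ESTABLISHED" {
            # Split "addr.port" at the last dot (IPv6 text has no dots).
            n = split($4, p, "."); lport = p[n]
            laddr = substr($4, 1, length($4) - length(lport) - 1)
            n = split($5, p, "."); fport = p[n]
            faddr = substr($5, 1, length($5) - length(fport) - 1)
            if (keep != "" && faddr == keep) next
            printf "tcpdrop %s %s %s %s\n", laddr, lport, faddr, fport
        }
    '
}

# Constructed sample input (documentation addresses), not captured output.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 192.0.2.10.80          198.51.100.7.51234     ESTABLISHED
tcp4       0     52 192.0.2.10.22          203.0.113.5.50022      ESTABLISHED
tcp6       0      0 2001:db8::1.443        2001:db8::99.40022     ESTABLISHED
tcp4       0      0 *.22                   *.*                    LISTEN
EOF
}

# Dry run: print the commands for review instead of executing them.
sample_netstat | gen_tcpdrop 203.0.113.5
```

On a live host the input would come from `netstat -an -p tcp`, and the reviewed output can be piped to `sh` as root once the ruleset is loaded.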

