Remote firewall changes, Was: Newbie Question About System Update

Jared Earle jearle at
Wed Apr 20 06:28:18 PDT 2005

On 4/20/05, Aristedes Maniatis <ari at> wrote:
> Yes, that would be me. But someone taught me a great trick...the "at"
> command. So, just before you blow away your access with changes to
> ipfw, do this:
> echo "ipfw add 1 pass all from any to any" at now +10 minutes
> Then if all goes OK, use atq to remove the queue item. If not, wait 10
> minutes...

I use a crontab that runs ~/ every 10 minutes. Usually, it's
empty, but occasionally, I add flush rules, nat reset rules, etc.

You can also have a file in your ~/ that you 'touch' every so often,
like a real deadman's brake. Using stat, (usually in perl for me) you
can check that it's been touched in the past hour (or however long)
and deal with stuff accordingly.

   Jared Earle ::  
 jearle at :: There is no SPORK

More information about the freebsd-stable mailing list