Date: Wed, 29 Nov 2006 14:38:46 -0500 (EST) From: "Dan Mahoney, System Admin" <danm@prime.gushi.org> To: questions@freebsd.org Subject: Command to "dump" firewall rules to be persistent across reboots. Message-ID: <20061129143557.S55795@prime.gushi.org>
next in thread | raw e-mail | index | archive | help
Hey all, I'm experimenting with ipfw as means of controlling some interesting anomalies like with portsenty or some ssh anti-brute-force scripts (i.e. adding bad hosts to tables, adding deny rules for certain hosts, etc), and I was wondering if there was (either in the form of a script, or a builtin command I can't find) some way to just "dump" all the ipfw data (pipes, queues, tables, etc) to a single file to be re-read on boot? I'd be willing to try and write something like this if it doesn't already exist, but I'm rather surprised it doesn't. -Dan Mahoney -- "A single death is a tragedy. A million deaths is a statistic." -Josef Stalin, As quoted on the cover to Savatage's "Dead Winter Dead" --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061129143557.S55795>