Date: Sat, 12 Mar 2005 16:54:34 +0000 From: Chris <chrcoluk@gmail.com> To: Andrea Venturoli <ml.diespammer@netfence.it> Cc: freebsd-net@freebsd.org Subject: Re: ipfw verbosity Message-ID: <3aaaa3a0503120854d06ada7@mail.gmail.com> In-Reply-To: <423307B8.8020406@netfence.it> References: <423307B8.8020406@netfence.it>
next in thread | previous in thread | raw e-mail | index | archive | help
I noticed when using check-state, the ssh session will die because the dynamic rules are flushed on the firewall reload. I can of course connect again right away. When using allow from established this problem doesnt occur and my ssh stays alive. What I would like is a way to flush only static rules and leave dynamic rules alone, this would enable me to use check-state again. Chris On Sat, 12 Mar 2005 16:16:08 +0100, Andrea Venturoli <ml.diespammer@netfence.it> wrote: > Hello. > > I noticed that when I issue "sh /etc/rc.firewall" to reload firewall > rules from a remote console, I get disconnected (as I would expect) and > locked out! > > The problems seems to be that "ipfw -f" prints: "command is /usr/local/...". > > This is in /usr/src/sbin/ipfw/ipfw2.c: > > fprintf(stderr, "command is %s\n", av[0]); > > This line does not onor the "-q" flag which, if I understand correctly, > was exactly meant to allow this kind of operations without console access. > > Naturally, I can comment this line in my sources, but I was asking > myself if this should be regarded as something to fix. > > bye & Thanks > av. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3aaaa3a0503120854d06ada7>