Date: Fri, 30 May 2014 00:31:31 +0000 (UTC)
From: John Case <case@SDF.ORG>
To: freebsd-questions@freebsd.org
Subject: Can I reset all existing network connections with ipfw ?
Message-ID: <Pine.NEB.4.64.1405300024480.1532@faeroes.freeshell.org>

Let's say I have a rule like this somewhere near the front of my ipfw ruleset:

    ipfw add 10 allow tcp from any to any established

... fairly standard ... get established connections through ipfw quickly without sending them through the entire ruleset, which, presumably, they've already passed through.

Ok, but what if I boot without a ruleset, OR I flush the rules and then re-apply them ... then there could be established tcp connections, that will be passed by this rule, that might be disallowed by the ruleset ... but they are allowed to continue because they were established before I applied the ruleset.

In this case, is there an ipfw command that I can run that resets, or kills off, all established connections, and forces them to reconnect now that the rules are in place?

I could probably 'ifconfig down' the interface, but that seems like too much brute force ... is there a nice way to do it?

I was thinking of 'tcpdrop' but there doesn't seem to be a 'tcpdrop all' or equivalent command ...
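
An added example, not part of the original message: one way to make connections that predate the ruleset reconnect through it is to turn the ESTABLISHED entries of `netstat -n -p tcp` into `tcpdrop` commands once the rules are loaded. The function names and the sample netstat output are constructed for illustration; the script assumes FreeBSD's `address.port` column layout and tcpdrop's four-argument form, and it only prints the commands.

```shell
#!/bin/sh
# Constructed sample of `netstat -n -p tcp` output (documentation addresses).
sample_netstat() {
cat <<'EOF'
Active Internet connections
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 192.0.2.10.22          198.51.100.7.51514     ESTABLISHED
tcp4       0      0 192.0.2.10.80          203.0.113.9.40022      TIME_WAIT
tcp4       0      0 192.0.2.10.25          203.0.113.50.33100     ESTABLISHED
tcp6       0      0 2001:db8::1.22         2001:db8::99.60000     ESTABLISHED
tcp4       0      0 *.22                   *.*                    LISTEN
EOF
}

# Hypothetical helper: read netstat output on stdin and print one tcpdrop
# command per ESTABLISHED connection. Optional $1 is a local port to leave
# alone (for example the SSH session you are working over).
gen_tcpdrop() {
    awk -v keep="${1:-}" '
    # netstat joins address and port with a dot, so split at the LAST dot;
    # this also handles IPv6 addresses, which contain colons but no dots here.
    function lastdot(ep,   i) {
        i = length(ep)
        while (i > 0 && substr(ep, i, 1) != ".") i--
        return i
    }
    function addr(ep) { return substr(ep, 1, lastdot(ep) - 1) }
    function port(ep) { return substr(ep, lastdot(ep) + 1) }

    $1 ~ /^tcp/ && $6 == "ESTABLISHED" {
        la = addr($4); lp = port($4); fa = addr($5); fp = port($5)
        # Skip anything that did not parse as address plus numeric port.
        if (la == "" || fa == "" || lp !~ /^[0-9]+$/ || fp !~ /^[0-9]+$/) next
        if (keep != "" && lp == keep) next
        printf "tcpdrop %s %s %s %s\n", la, lp, fa, fp
    }'
}

# Dry run on the constructed sample. On a real host, after loading the rules:
#   netstat -n -p tcp | gen_tcpdrop 22
sample_netstat | gen_tcpdrop 22
```

Review the printed commands before piping them to `sh`; dropped peers that the new ruleset permits simply reconnect, while the rest are now evaluated against the full ruleset.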