From owner-freebsd-pf@FreeBSD.ORG Sun Aug 13 15:11:36 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28D8F16A4DA for ; Sun, 13 Aug 2006 15:11:36 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from frontmail.ipactive.de (frontmail.ipactive.de [85.214.39.229]) by mx1.FreeBSD.org (Postfix) with ESMTP id A733543D45 for ; Sun, 13 Aug 2006 15:11:35 +0000 (GMT) (envelope-from volker@vwsoft.com) Received: from mail.vtec.ipme.de (gprs-pool-1-008.eplus-online.de [212.23.126.8]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by frontmail.ipactive.de (Postfix) with ESMTP id AAFF233D21 for ; Sun, 13 Aug 2006 17:11:29 +0200 (CEST) Received: from [192.168.18.3] (unknown [192.168.18.3]) by mail.vtec.ipme.de (Postfix) with ESMTP id 9ADFD2E538; Sun, 13 Aug 2006 17:11:20 +0200 (CEST) Message-ID: <44DF4125.6060009@vwsoft.com> Date: Sun, 13 Aug 2006 17:11:33 +0200 From: Volker User-Agent: Thunderbird 1.5.0.5 (X11/20060806) MIME-Version: 1.0 To: Greg Hennessy References: <000001c6bed4$680fd4d0$0a00a8c0@thebeast> In-Reply-To: <000001c6bed4$680fd4d0$0a00a8c0@thebeast> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-VWSoft-MailScanner: Found to be clean X-MailScanner-From: volker@vwsoft.com X-ipactive-MailScanner-Information: Please contact the ISP for more information X-ipactive-MailScanner: Found to be clean X-ipactive-MailScanner-From: volker@vwsoft.com Cc: freebsd-pf@freebsd.org Subject: Re: "Reset" Script, Anyone? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Aug 2006 15:11:36 -0000 On 08/13/06 14:31, Greg Hennessy wrote: > >> Wait! That might render your box unaccessible. >> >> What if your terminal session dies? Then the pfctl command >> after sleep will never be executed. > > Quite, for long distance management of any device like this, a 2[56]11 > plumbed into com0 configured as the console is not optional. > > > Greg Probably I was misinterpreting the term 'screen' as a terminal (ssh) session. Probably you're lucky to have one but I don't have it on several machines (yes, it's optional but even a good choice if you can use one). I guess (and even after re-reading the original post) the original poster doesn't have a com terminal session. Doing things like that in a ssh session is a bad idea. Just wanted to note this without going into a fundamental discussion. ;) Volker