From owner-freebsd-questions@FreeBSD.ORG  Wed Oct  1 22:12:30 2014
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C919CF3F
 for <freebsd-questions@freebsd.org>; Wed,  1 Oct 2014 22:12:30 +0000 (UTC)
Received: from sdf.lonestar.org (mx.sdf.org [192.94.73.24])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mx.sdf.org", Issuer "SDF.ORG" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id AA4D7313
 for <freebsd-questions@freebsd.org>; Wed,  1 Oct 2014 22:12:30 +0000 (UTC)
Received: from otaku.freeshell.org (IDENT:case@otaku.freeshell.org
 [192.94.73.9])
 by sdf.lonestar.org (8.14.8/8.14.5) with ESMTP id s91MCJdl018973
 (using TLSv1/SSLv3 with cipher DHE-RSA-AES256-SHA (256 bits) verified NO);
 Wed, 1 Oct 2014 22:12:19 GMT
Date: Wed, 1 Oct 2014 22:12:19 +0000 (UTC)
From: John Case <case@SDF.ORG>
X-X-Sender: case@faeroes.freeshell.org
To: Michael Sierchio <kudzu@tenebras.com>
Subject: Re: Locked out of FreeBSD EC2 image - trying to figure out why ...
In-Reply-To: <CAHu1Y71Nay5ekXojFn-RDHb4PRmaiBDaunxqdcTy8iaV9YuusQ@mail.gmail.com>
Message-ID: <Pine.NEB.4.64.1410012211280.15899@faeroes.freeshell.org>
References: <Pine.NEB.4.64.1410012025290.15899@faeroes.freeshell.org>
 <CAHu1Y71Nay5ekXojFn-RDHb4PRmaiBDaunxqdcTy8iaV9YuusQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Oct 2014 22:12:30 -0000


On Wed, 1 Oct 2014, Michael Sierchio wrote:

> Yes. DHCP responses will come from an RFC1918 network, for example.
> This is naive and really unnecessary - just use an appropriate EC2
> security policy.  If you insist on using ipfw, you'll need to improve
> your understanding of how things work.
>
> Also - an elastic IP will not persist across stopping and starting an
> instance, and you should associate it using a script inside the
> instance when it starts.


Ok, so the only way for me to rescue this instance (I did not make a 
snapshot prior to the firewall) is to snapshot it now, and then mount that 
snapshot on another instance and edit the conf file ...

Anything faster and easier than that, or is that my only option ?

Thanks.