RE: IPFW disconnections and resets
>=20
> I use that all the time, maybe 1 out of 100 times it will kill=20
> a ssh session (only one that has irssi open cause of the time=20
> updating it kills it, i have it set to update every second=20
> though, so normally it'd be like 1 out of 500 or so) and even=20
> if it does, it still finishes loading the ruleset anyway so=20
> you can just ssh straight back in
I used=20
sysctl -a net.inet.ip.fw.enable=3D0 && firewall.sh &&
net.inet.ip.fw.enable=3D1 && sleep 60 && reboot
and I would hit a ^c to stop the sleep and reboot if I didn't wack the
firewall rules.
The reboot would put it back to rc.conf firewall
Never got disconnected.
Only window of vulnerability was while loading new firewall rules.
Yours is safer.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)