Enable ipfw without rebooting
AT Matik
asstec at matik.com.br
Wed Sep 28 05:33:26 PDT 2005
On Wednesday 28 September 2005 09:24, Oliver Fromme wrote:
> > without scheduling a reboot (which can be cancelled just as easily as
> > removing an at job) is (not only in my opinion) a stupid idea.
>
you might consider pasting this into your rc.firewall
case ${fw_test_enable} in
[Yy][Ee][Ss])
${fwcmd} add 1 pass proto ip
;;
esac
and add
fw_test_enable="YES"
to your rc.conf
so when running `sh /etc/rc.firewall` you can see if your rules are in correct
order and delete manually rule 1 to activate it definitly and setting the
parameter in rc.conf to NO
or/and you may consider creating a script like
case $1 in
abre)
$cmd add $rnum pass proto ip
echo "o FW está aberto agora!"
;;
fecha)
$cmd delete $rnum
echo "o FW está fechado novamente."
;;
test)
$cmd delete $rnum
clear
echo "O FW fica agora 5 minutos fechado, faça os seus testes."
echo "Use um outro terminal ou sessão para o acesso remoto."
echo "experimente tb todo acesso com navegador etc para confirmar."
sleep 300
$cmd add $rnum pass proto ip
echo "O FW está aberto novamente."
;;
*)
echo
echo "Opções: abre | fecha | test "
echo
;;
esac
where abre=open fecha=close and test=test and it stays closed for the time you
configure
cheers
João
A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br
More information about the freebsd-ipfw
mailing list