Enable ipfw without rebooting
Ganbold
ganbold at micom.mng.net
Wed Sep 28 20:45:35 PDT 2005
If you want to restart ipfw you can try:
/etc/rc.d/ipfw restart
command if you are using FreeBSD 5.x or later.
hth,
Ganbold
At 09:24 PM 9/28/2005, you wrote:
>Achim Patzner <ap at bnc.net> wrote:
> > Oliver Fromme wrote:
> > > No. Performing a reboot is a rather bad idea.
> >
> > Actually _loading kernel modules you haven't been using before_
>
>Lots of people have been using it before. (Personally I
>prefer to compile it statically in the kernel, though.)
>
> > without scheduling a reboot (which can be cancelled just as easily as
> > removing an at job) is (not only in my opinion) a stupid idea.
>
>Apropos ideas: Not having remote console access to a
>machine which is located at 800 km distance is (not only
>in my opinion) a stupid idea. ;-)
>
> > > A much better way would be a small "at" job that inserts
> > > an appropriate "allow" rule:
> >
> > Where's the advantage?
>
>A solution that doesn't require a reboot is always better,
>especially on production machines.
>This isn't Windows, after all.
>
>For changing (and testing) rules, there's an even more
>elegant (and non-[qddisruptive) solution, see:
>/usr/share/examples/ipfw/change_rules.sh
>
>Best regards
> Oliver
>
>--
>Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
>Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
>Any opinions expressed in this message may be personal to the author
>and may not necessarily reflect the opinions of secnetix in any way.
>
>Passwords are like underwear. You don't share them,
>you don't hang them on your monitor or under your keyboard,
>you don't email them, or put them on a web site,
>and you must change them very often.
>_______________________________________________
>freebsd-ipfw at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
More information about the freebsd-ipfw
mailing list