On 28.09.2005 at 13:04, Oliver Fromme wrote:
Try loading the IPFW KLD ("kldload ipfw").

And remember - doing a "shutdown -r +10" before trying might be a
good idea - last time I did this I found out the hard way that the
kernel module was built with a default action of "deny all from any
to any".

No.  Performing a reboot is a rather bad idea.

Actually _loading kernel modules you haven't been using before_ without scheduling a reboot (which can be cancelled just as easily as removing an at job) is (not only in my opinion) a stupid idea.

A much better way would be a small "at" job that inserts
an appropriate "allow" rule:

Where's the advantage? A reboot (on a well-maintained machine) should get me back to the state it was in before I started tinkering with kernel modules. And shutdown is astonishingly resilient - if the kernel didn't find a way to merrily spin around a lock in a place the sun doesn't reach it usually works.

The same applies to other devices (e.g. Cisco routers), too. I'm a Barbarian - why should I argue with ipfw if a battle axe would get the same result more comfortably?


Achim

