If you want to restart ipfw you can try: /etc/rc.d/ipfw restart
command if you are using FreeBSD 5.x or later. hth, Ganbold At 09:24 PM 9/28/2005, you wrote:
Achim Patzner <[EMAIL PROTECTED]> wrote: > Oliver Fromme wrote: > > No. Performing a reboot is a rather bad idea. > > Actually _loading kernel modules you haven't been using before_ Lots of people have been using it before. (Personally I prefer to compile it statically in the kernel, though.) > without scheduling a reboot (which can be cancelled just as easily as > removing an at job) is (not only in my opinion) a stupid idea. Apropos ideas: Not having remote console access to a machine which is located at 800 km distance is (not only in my opinion) a stupid idea. ;-) > > A much better way would be a small "at" job that inserts > > an appropriate "allow" rule: > > Where's the advantage? A solution that doesn't require a reboot is always better, especially on production machines. This isn't Windows, after all. For changing (and testing) rules, there's an even more elegant (and non-[qddisruptive) solution, see: /usr/share/examples/ipfw/change_rules.sh Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. Passwords are like underwear. You don't share them, you don't hang them on your monitor or under your keyboard, you don't email them, or put them on a web site, and you must change them very often. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[EMAIL PROTECTED]"
