On Wednesday 29 November 2006 13:38, Dan Mahoney, System Admin wrote:
> Hey all, I'm experimenting with ipfw as means of controlling some
> interesting anomalies like with portsenty or some ssh anti-brute-force
> scripts (i.e. adding bad hosts to tables, adding deny rules
> for certain hosts, etc), and I was wondering if there was (either in the
> form of a script, or a builtin command I can't find) some way to just
> "dump" all the ipfw data (pipes, queues, tables, etc) to a single file to
> be re-read on boot?
> I'd be willing to try and write something like this if it doesn't already
> exist, but I'm rather surprised it doesn't.
> -Dan Mahoney
> --
> "A single death is a tragedy.  A million deaths is a statistic."
> -Josef Stalin, As quoted on the cover to Savatage's "Dead Winter Dead"
> --------Dan Mahoney--------
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---------------------------

Take a look at "man rc.shutdown"

I don't know if it's exactly what you want, but there may be another way:

Write a script in /usr/local/etc/rc.d that responds to the "start" and "stop" 
parameters.  In the "stop" section you can output "ipfw list" to a file.  
Then in the "start" section you can read that file and run each line, 
essentially unmodified, agains ipfw.

good luck!

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to