> > > > I would suggest some sort of watchdog feature. If the ssh link
> > > > breaks then revert to the previous configuration.
> > >
> > >I don't know about LRP 2.9.4 and its descendents, but LRP 2.9.7 and
> > >all descendents (including Oxygen) come with a watchdog daemon;
> > >Oxygen comes with it disabled, since I have had repeated reboots when
> > >the watchdog decided things were too slow and it wouldn't give up.
> > >I'll have to be convinced its useful and reliable, I guess. Nothing
> > >like working away to have the system just suddenly reboot on you.
> >
> > I didn't phrase it quit right. This watchdog should watch the ssh
> > connection when you are making firewall rule changes. If the ssh
> > connection goes down and does not get restored within a minute or two,
> > then it should revert to the previous firewall rule configuration. This
> > should keep you from inadvertently locking yourself out of your router.
>
> Yes, good point. The system I'm stitching together collects
> all the rule changes first, and doesn't activate them until the very
> end. That is, after turning the user's points-and-clicks into ipchains
> commands it'll either write a run-as-root script when it's all done,
> or write that script and kick it off automagically.
> Importantly, it'll verify the integrity of that script (a
> quick hash check) after the transfer to be sure what's there is what
> was intended.
> I'm wondering how lean a standalone md5 message digester
> could be..."digest" looks like it's less than 30k including libmd.
IIRC, the latest busybox will generate md5 checksums...
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
