On Fri, Nov 7, 2008 at 3:51 AM, Harald Dunkel <[EMAIL PROTECTED]> wrote:
>> Question: How can I make sure that "em2" doesn't become "em0"
>> if my dual-port NIC dies? This would be fatal for my firewall
>> setup. At least the antispoof rules _must_ be bound to the
>> network devices.
>>
>
> Sorry to wake this thread up again, but this problem is a severe
> security risk. IMHO it is unacceptable that a hardware failure on
> one NIC of a firewall can put the whole network at risk, just because
> the mapping between NICs and interface names gets mixed up, and PF
> suddenly treats the Internet as a subnet of the company LAN.

 echo 'if ! ifconfig | grep em2 > /dev/null; then mail -s "Tube explosion" [EMAIL PROTECTED]; shutdown -h now; fi' >> /etc/rc.local
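
Added example, not part of the original thread: a boot-time check that ties each interface name to the MAC address of the NIC it is supposed to be, so a renumbered card is caught even when the name still exists. It assumes ifconfig output with "lladdr" (or "ether") lines; the function names, MAC addresses and sample ifconfig text are constructed for illustration.

```shell
#!/bin/sh
# Added example: pin interface names to NIC MAC addresses and check at boot.
# All MAC addresses and ifconfig text below are constructed sample values.
EXPECTED_MAP='em0 00:00:5e:00:53:10
em1 00:00:5e:00:53:11
em2 00:00:5e:00:53:20'

SAMPLE_OK='em0: flags=8843<UP,BROADCAST,RUNNING> mtu 1500
        lladdr 00:00:5e:00:53:10
em1: flags=8843<UP,BROADCAST,RUNNING> mtu 1500
        lladdr 00:00:5e:00:53:11
em2: flags=8843<UP,BROADCAST,RUNNING> mtu 1500
        lladdr 00:00:5e:00:53:20'
# Dual-port NIC gone: the surviving card has been renumbered to em0.
SAMPLE_FAILED='em0: flags=8843<UP,BROADCAST,RUNNING> mtu 1500
        lladdr 00:00:5e:00:53:20'

# Print "name mac" pairs from ifconfig-style text on stdin.
# Accepts "lladdr" and "ether" as the MAC keyword.
iface_macs() {
    awk '/^[a-z][a-z0-9]*: / { sub(/:$/, "", $1); name = $1 }
         $1 == "lladdr" || $1 == "ether" { print name, tolower($2) }'
}

# verify_iface_map EXPECTED ACTUAL: return 0 only if every pinned pair matches.
verify_iface_map() {
    rc=0
    while read -r name mac; do
        [ -n "$name" ] || continue
        seen=$(printf '%s\n' "$2" | awk -v n="$name" '$1 == n { print $2 }')
        if [ "$seen" != "$(printf '%s' "$mac" | tr 'A-Z' 'a-z')" ]; then
            echo "MISMATCH $name: expected $mac, found ${seen:-none}"
            rc=1
        fi
    done <<EOF
$1
EOF
    return $rc
}

# Fail closed. Meant to be called from rc.local; halting is one possible policy.
boot_check() {
    actual=$(ifconfig -a | iface_macs)
    verify_iface_map "$EXPECTED_MAP" "$actual" && return 0
    logger -p auth.crit "NIC name/MAC mapping changed, halting"
    shutdown -h now
}
```

With SAMPLE_FAILED the name em0 is still present, so a check that only looks for an interface name would pass on it, while the MAC comparison reports all three pinned interfaces as mismatched.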
