Score:1

ipfw testing without blocking the FreeBSD server in the case of ipfw error

ru flag

I'm a newbie with ipfw, trying to learn it and testing its commands on the server with FreeBSD. Every time when I run ipfw command via SSH with a syntax error/typo and then restart ipfw service, the server becomes blocked for me and I can't work with it via SSH. Even if there is no any ipfw rule to deny traffic to my computer. And I'm forced to ask the main administrator to unblock my server.

Is there a way to test ipfw without such server/SSH blocking? Or if I would install/deploy the server locally on my computer, could I unblock the server by myself in the case of ipfw error?

A.B avatar
cl flag
A.B
Not specifically for your problem: remote console access is for cases when there's loss of network connectivity to be expected. So is there any provision for this? VMware remote console, libvirt virt-viewer, Dell iDRAC, HP iLO etc.?
Score:0
in flag

There is a very handy script:

/usr/share/examples/ipfw/change_rules.sh

It works exactly as you want:

# Invoke this script to edit ${firewall_script}. It will call ${EDITOR},
# or vi(1) if the environment variable is not set, for you to edit
# ${firewall_script}, ask for confirmation, and then run
# ${firewall_script}. You can then examine the output of ipfw list and
# confirm whether you want the new version or not.
#
# If no answer is received in 30 seconds, the previous
# ${firewall_script} is run, restoring the old rules (this assumes ipfw
# flush is present in it).
#
# If the new rules are confirmed, they'll replace ${firewall_script} and
# the previous ones will be copied to ${firewall_script}.{date}. Mail
# will also be sent to root with a unified diff of the rule change.
#
# Unapproved rules are kept in ${firewall_script}.new, and you are
# offered the option of changing them instead of the present rules when
# you call this script.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.