-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Aristedes Maniatis wrote:
Ok, everyone who has NEVER ever made that mistake (or locked themself out with a firewall rule, accidentally putting it into effect before testing) raise their hand. :)
Yes, that would be me. But someone taught me a great trick...the "at" command. So, just before you blow away your access with changes to ipfw, do this:
echo "ipfw add 1 pass all from any to any" at now +10 minutes
Then if all goes OK, use atq to remove the queue item. If not, wait 10 minutes...
Why not just include an allow rule for a handful of management addresses in set 31? That's been pretty close to idiot-proof for me, and has definitely saved my bacon.
- -- David Talkington [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFCZmvp5FKhdwBLj4sRAlK4AKCUR/lg/VtZnMcIsRnaZ2pnEjffYwCghklp SYold53kPf7w8w/cGWsVsV0= =VHss -----END PGP SIGNATURE----- _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"