James Bowman Sineath, III wrote:

Hi all,

I have a small problem on one of my dev boxes. I have a bad bootup
ipfw ruleset and I find myself locked out of the machine.

There will be a technician at the NOC on Tuesday that will be able
to assist me.

My question is: Will he/she be able to simply reboot, logon as root
as normal?

- and then -

disable IPFW in rc.conf ... or will the loopback rule not being
present cause more mayhem than I think it will?

-Grant


He should be able to login without any problems.

On another note, in the future whenever you make changes to your
system that could potentially lock you out, use crontab to disable
them after a short amount of time. For example, when I was
reconfiguring sshd, I crontab'ed
'killall sshd && sshd -f /root/sshd_config_old' and moved the default
config file to my /root directory. Also, when playing with my ipfw rules,
I crontab'ed 'ipfw disable firewall' for every 15 minutes until I got it
working the way I wanted to.

Be VERY careful with this though. Don't use it and then forget to remove
the lines from your /etc/crontab. Remove them as soon as you get it
configured the way you want to. This is obviously a serious security
risk, so don't use it very often. If you are worried about disabling your
firewall, then create a small ipfw script to deny all connections except
from your IP address and crontab that instead of 'ipfw disable firewall'.
Also keep in mind that to enable your firewall again you will need to type
'ipfw enable firewall'.


See also /usr/share/examples/ipfw/change_rules.sh....

Kevin Kinsey.
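
The pattern discussed in this thread (arrange the undo before making the risky change) can also be done as a one-shot timer that cancels itself on confirmation, so nothing is left behind in /etc/crontab. This is an added example, not code from the thread and not the contents of change_rules.sh; the function names, the confirmation file and the rule-file paths in the usage comment are assumptions.

```sh
#!/bin/sh
# Dead-man switch for a risky remote change (added example).
# Commands are passed as strings, so the same functions serve ipfw, sshd, etc.

# arm_rollback SECONDS CONFIRM_FILE ROLLBACK_CMD
# Start a background timer. When it expires, ROLLBACK_CMD runs unless
# CONFIRM_FILE exists by then. The timer's PID is left in ROLLBACK_PID.
arm_rollback() {
    timeout=$1; confirm=$2; rollback=$3
    rm -f "$confirm"            # a stale confirmation must not disarm the switch
    (
        trap '' HUP             # survive the SSH session dropping
        sleep "$timeout"
        [ -e "$confirm" ] || sh -c "$rollback"
    ) >/dev/null 2>&1 &
    ROLLBACK_PID=$!
}

# safe_change SECONDS CONFIRM_FILE APPLY_CMD ROLLBACK_CMD
# Arm the rollback first, then apply the change. If applying the change
# cuts the connection, the timer is already running.
safe_change() {
    arm_rollback "$1" "$2" "$4"
    sh -c "$3"
}

# confirm_change CONFIRM_FILE
# Run this from a NEW login, which proves the box is still reachable.
confirm_change() {
    : > "$1"
}

# Usage on the FreeBSD box (hypothetical paths):
#   safe_change 300 /var/run/fw.confirmed \
#       'sh /etc/ipfw.rules.new' 'sh /etc/ipfw.rules.known-good'
#   ... open a second SSH session; if it connects:
#   confirm_change /var/run/fw.confirmed
```

Using a known-good ruleset as the rollback command, rather than 'ipfw disable firewall', means the machine is never left unfiltered while the timer is pending.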