[nycbug-talk] Restarting ipfw remotely

Francisco Reyes lists
Wed Dec 21 22:48:14 EST 2005


Trish Lynch writes:

> What I've taken to doing is having ipfw default to accept in the kernel, 
> then having as my last line the deny all rule (65534), so it would be next 
> to impossible to lock myself out if I reload or flush it.

I like that idea.

While on the IPFW subject.. since when it became possile to run IPFW without 
modifying the kernel? A new co-worker just showed me a few days ago how one 
can just enable it in /rc.conf and just do "ipfw start".. is that a loadable 
module?

Is performance still better from the kernel? 




More information about the talk mailing list